More than half of all security vulnerabilities are caused by outdated and unpatched systems.
That’s one of the many findings of the 2014 Global Threat Intelligence Report by the NTT Group. The report reviews data from about 3 billion attacks in 2013.
Highlights of the report:
More than 40% of external vulnerabilities found in 2013 were caused by outdated systems. More than 30% were attributed to outdated Apache servers.
Do your clients have any of these problems?
Eight of the top 10 internal vulnerabilities found in 2013 were caused by outdated systems. They represent 28% of the total.
Outdated and unpatched systems accounted for 59% of all security vulnerabilities found in 2013. That is nearly four-times greater than any other cause.
Half of the vulnerabilities were at least one year old. They were first discovered between 2004 and 2011. This highlights a widespread lack of basic security best practices.
“Many organizations are not protected against common vulnerabilities which are included in widely distributed hacking exploit kits,” according to the report.
Top six types of vulnerabilities found were caused by:
A key finding of the report is that many organizations need to adopt basic, repeatable, and ongoing security measures.
The following recommendations are provided (more details in the report):