Are Organizations Safe From Cyber Attacks? Experts Say Most Still Vulnerable

Despite two major malware attacks that affected hundreds of thousands of computer systems in countries all over the world, a majority of information security experts still believe organizations are lacking in protections needed to prevent being hit by another attack, a survey found.

Threat detection firm Tripwire surveyed 108 security professionals at the Black Hat USA hacker conference held in Las Vegas in July. It found a considerable number of experts who were dismayed by the response of organizations in the wake of attacks like WannaCry and Petya.

Read: Petya Ransomware: How Businesses Can Prepare Against Similar Cyber Attacks

Two-thirds of all respondents— 68 percent—said, despite the considerable scare of global malware attacks, they did not feel confident enterprises on the whole had made the necessary investments to improve security and protect against a future outbreak.

The news wasn’t all bad, though. An even larger majority of respondents—84 percent—said the organizations they worked for had made investments that would help to mitigate cybersecurity risks and defend against attacks. Given their presence at the Black Hat convention, those surveyed likely were more aware of threats and worked for companies that are aware of and concerned about cyber attacks.

When it comes to what companies could be doing better, there was a wide range of opinions from the experts. Twenty-eight percent identified network device discovery, or knowing what devices are connected to the network and what risk they may pose, was the biggest unaddressed problem for most enterprise organizations.

Managing vulnerabilities was the next on the list of individual problems that required addressing, with 14 percent of those surveyed identifying it as the top issue. Paying attention to audit logs and managing administrative privileges were considered top problems by 6.5 percent of experts each, and nearly five percent said knowing what software was installed on the network was the biggest security shortfall.

Read: EternalBlue Exploit: Thousands of Machines Still Not Patched Against WannaCry, Petya Attacks

Unfortunately for organizations hoping to lock down the security of their computer systems, 40 percent of security experts said the top security shortfall was all of the above, suggesting defenses in every category are lacking.

The response is perhaps unsurprising given the occurrence of the WannaCry ransomware campaign in May and the Petya “wiper” malware campaign that spread just one month later.

WannaCry made use of a Windows security vulnerability first discovered by the U.S. National Security Agency (NSA) and stolen by a group of hackers known as the Shadow Brokers. While Microsoft patched the vulnerability before the spread of WannaCry, most organizations failed to patch before the attack. More than one million machines were infected by the attack.

In June, the Petya attack began to spread using in part the same exploit that WannaCry used. While Petya was more advanced, using an alternative propagation method when the original exploit was patched, it still managed to hit tens of thousands of machines in more than 60 countries.

EternalBlues, a scanner designed to find unpatched Windows machines still vulnerable to the exploit that spread the global malware campaigns, found 60,000 computer systems that were yet to install a security patch that defends against the vulnerability.