Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Network Security

Survey Highlights Alarming Trends in Insecure Network Configurations

Security vendor nCircle used brief surveys conducted during webinars to highlight the state of network configurations that utilize insecure protocols and settings. Based on the data, the saying “easier said than done” has certainly become a reality.

Security vendor nCircle used brief surveys conducted during webinars to highlight the state of network configurations that utilize insecure protocols and settings. Based on the data, the saying “easier said than done” has certainly become a reality.

Accordingly, 38 percent of the respondents to nCircle’s questioning said that they were required to run Telnet. This is just one example of poor communication implementation, which thanks to legacy systems within enterprises and SMBs, brings significant risks that are nearly impossible to get rid of.

In addition, the study revealed that 58 percent of respondents were either unaware if their organization used SSHv1 (a less secure version of SSH) or if they were required to use it. This is in addition to those who said they didn’t know if SNMP default community strings were being used, or if they were required to use them. Also, 67 percent said the same thing about TLS ciphers.

“The only plausible reason to run Telnet is because a business partner requires it,” said Andrew Storms, director of IT and security operations for nCircle. “In that case, IT professionals need to push aggressively to find another partner. There’s just no way to make Telnet secure.” 

“It’s also discouraging to see so many small businesses that aren’t sure if they have insecure settings on their networks, since we know hackers are targeting these businesses aggressively,” Storms added.

Snapshots from the survey are available here.  

Written By

Click to comment

Expert Insights

Related Content

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Cybersecurity Funding

Forward Networks, a company that provides network security and reliability solutions, has raised $50 million from several investors.

Network Security

Cisco patched a high-severity SQL injection vulnerability in Unified Communications Manager (CM) and Unified Communications Manager Session Management Edition (CM SME).

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...