ExtraHop Security Advisory: 67 Percent of Enterprise Environments Still Run Protocol Exploited by WannaCry and NotPetya
ExtraHop (News - Alert), the leader in cloud-native network detection and response, today released a security advisory about the prevalence of insecure protocols in enterprise IT environments. The report details the ongoing use of deprecated and insecure protocols, including Server Message Block version one (SMBv1), which was exploited by the WannaCry ransomware variant to encrypt nearly a quarter of a million machines world-wide four years ago today.
In early 2021, the ExtraHop threat research team conducted primary research examining the prevalence of insecure protocols in enterprise environments, specifically SMBv1, Link-Local Multicast Name Resolution (LLMNR), NT Lan Manager (NTLMv1), and Hypertext Transfer Protocol (HTTP). The research uncovered alarming usage of these protocols that expose organizations and their customers to considerable risk.
Download the full report here: Security Advisory: Insecure Protocol Usage Exposes Organizations to Cybersecurity Risk.
You can learn more about protocols and threat activities associated with them by visiting the ExtraHop Network Protocol Library.
ExtraHop is on a mission to arm security teams to confront active threats and stop breaches. Our Reveal(x) 360 platform, powered by cloud-scale AI, covertly decrypts and analyzes all cloud and network traffic in real time to eliminate blind spots and detect threats that other tools miss. Sophisticated machine learning models are applied to petabytes of telemetry collected continuously, helping ExtraHop customers to identify suspicious behavior and secure over 15 million IT assets, 2 million POS systems, and 50 million patient records. ExtraHop is a market share leader in network detection and response with 30 recent industry awards including Forbes AI50, Cybercrime Ransomware 25, and SC Media Security Innovator.
Stop Breaches 84% Faster. Get Started at www.extrahop.com/demo