Zimbabwe is the most exposed country on the National Exposure Index, according to a Rapid7 report. This is mainly due to poor default settings used by local service providers. Rapid7, an international security firm, has warned of a major database attack that is likely to occur in 2018.
To reduce the risk of attacks, businesses are advised to review the information they are exposing to the internet. According to the study, many local organizations are leaving doors open to attackers.
In the Rapid7 National Exposure Index, more than a million endpoints are said to be offering Microsoft file-sharing services. Over 800 000 of these are Microsoft Windows systems, across most products and versions, using the Server Message Block (SMB) file-sharing protocol, while port scanning for SMB port 445 returned 5.5 million responsive nodes.
The study shows that the WannaCry ransomware attack, which took place in May 2017, spread quickly because it used an SMB exploit that a hacking group, Shadow Brokers, had leaked. Over 200 000 computers in 150 countries were affected by the WannaCry ransomware before the attack could be stopped.
The computer security firm has advised organizations to review their use of file-sharing services, identify where they are necessary, and eliminate them wherever possible. According to Rapid7, organizations should use cloud-based services that are inherently more secure through the use of Hypertext Transfer Protocol (HTTP) or Secure Sockets Layer (SSL) or HTTPS instead of services like SMB and Samba. Where file sharing is unavoidable, organizations are encouraged to use a Virtual Private Network (VPN), which solves the problem. Aside from that, it would be better to take databases offline instead of waiting for a major attack to take place.
The top 10 countries on the National Exposure Index are as follows:
- Hong Kong
- The Republic of Congo
In 2016, Belgium was ranked as the most vulnerable country in the world. The country has since slid down the ranks to an impressive 179 in just under a year.
The study by Rapid7 comes at a time when one of the country’s major universities, the Harare Institute of Technology, has just suffered a ransom attack. As of 2016, Zimbabwe had the highest rate of use of unlicensed software, as shown in the 2016 Global Software Survey.