| Abstract | Navigating the maze of contemporary organizational attack surfaces is paramount in fortifying our defenses against the relentless tide of cyber incidents. However, existing network reconnaissance and security measurements, which enumerate IP addresses or scan popular domains searching for vulnerabilities, capture only a fragmented view of the risk landscape, neglecting the nuanced reality of modern organizational assets. We experimentally show that such scans miss out on most assets of large organizations since they do not consider the increasingly complex IT architectures.
We perform the first security analysis of the external attack surface of the 100-top enterprises in Europe. We discover the digital assets belonging to the enterprises and analyze the security of the services per 3 attack surface areas: (1) self-hosted on on-premises, (2) the services hosted on cloud, and (3) the services outsourced to external providers. The last one is usually shadowed under the traditional on-premises and the modern Cloud and has not been studied or compared to them. Our analysis shows that it is a large and significant part of the digital footprint of enterprises. In general, our analysis shows that organizations in different sectors have distinct IT architectures and are built differently, as a result, the security issues vary across the sectors. More importantly, for each sector, the security issues in each of the 3 areas differ from each other. This demonstrates the need for a more granular approach when analyzing organizations.
Based on our findings, we provide recommendations per sector per area. We also initiated a disclosure campaign notifying the enterprises of the identified vulnerabilities. |
|---|
