Trend Micro this morning released a report about the exposed cyberassets in the top U.S. cities and most critical industry segments -- and in many cases, it was the smaller municipalities that had the largest number of problems.
"Larger cities had fewer systems being exposed," said Ed Cabrera, chief cybersecurity officer at Trend Micro.
Houston, for example, had 3,900,208 exposed devices, compared with 1,031,325 in New York City, even though New York has nearly four times as many people.
But many of the cities with the highest numbers of exposed devices were even smaller. Sometimes, much, much smaller.
The industry where this was most apparent was the utilities sector. There, the top cities for the number of exposed cyberassets were all on the smaller side -- Clarksville, Tenn., Hopkinsville, Ky., Braintree, Mass., Ocala, Fla., Bismarck, N.D., Muscatine, Iowa, Tahlequah, Okla., Shrewsbury, Mass., Fairfield, Conn., and Granby, Mass. None of these are major population centers. In fact, Granby had a population of just 6,420 in the 2010 census.
Cabrera suggested that the reason could be that the smaller cities lack the budgets or resources to secure their infrastructure as much as they should.
Take, for example, the government sector.
Trend Micro researchers used the Shodan search engine to hunt for vulnerable devices, and found that Lafayette, Ind., and Saint Paul, Minn., had more exposed cyber assets than Washington D.C.
When it comes to the emergency services sector, Houston and Lafayette led the rankings.
Cambridge was the city with the most exposed assets in the health care sector.
Local municipal governments aren't always to blame here, Cabrera said.
"A lot of the infrastructure that you see that are attributed to a city are not all city-owned," he said.
The devices that were most frequently exposed, according to the report, were firewalls, wireless access points, printers, and webcams.
Firewalls accounted for 77 percent of exposed devices in the financial sector, 69 percent in the health care sector, 56 percent in the emergency services sector, 49 percent in the government sector, and 37 percent in the utilities sector.
Wireless access points made up the largest part of exposed devices in the utilities sector, at 40 percent.
The most common problems were in SonicWall firewall http configuration, which account for 85 percent of firewall vulnerabilities.
The problem is that misconfigured firewalls can be identified from the outside as being firewalls.
Cabrera said that the Shodan search engine has some good capabilities for finding vulnerable devices, and that this power could be used by companies to help defend themselves.
"If you were doing penetration testing, proactively protecting your infrastructure, it gives you the opportunity to see if your infrastructure is out there," he said.
He said that security teams are constantly struggling to identify all the infrastructure that they have.
"And if you can't see it, you can't protect it," he said. "Asset management and vulnerability management is critical to any mature cybersecurity program."