Report: some small cities have surprisingly high number of exposed devices

Trend Micro released a report about the exposed cyberassets

Trend Micro this morning released a report about the exposed cyberassets in the top U.S. cities and most critical industry segments -- and in many cases, it was the smaller municipalities that had the largest number of problems.

"Larger cities had fewer systems being exposed," said Ed Cabrera, chief cybersecurity officer at Trend Micro.

Houston, for example, had 3,900,208 exposed devices, compared with 1,031,325 in New York City, even though New York has nearly four times as many people.

But many of the cities with the highest numbers of exposed devices were even smaller. Sometimes, much, much smaller.

The industry where this was most apparent was the utilities sector. There, the top cities for the number of exposed cyberassets were all on the smaller side -- Clarksville, Tenn., Hopkinsville, Ky., Braintree, Mass., Ocala, Fla., Bismarck, N.D., Muscatine, Iowa, Tahlequah, Okla., Shrewsbury, Mass., Fairfield, Conn., and Granby, Mass. None of these are major population centers. In fact, Granby had a population of just 6,420 in the 2010 census.

Cabrera suggested that the reason could be that the smaller cities lack the budgets or resources to secure their infrastructure as much as they should.

Take, for example, the government sector.

Trend Micro researchers used the Shodan search engine to hunt for vulnerable devices, and found that Lafayette, Ind., and Saint Paul, Minn., had more exposed cyber assets than Washington D.C.

When it comes to the emergency services sector, Houston and Lafayette led the rankings.

Cambridge was the city with the most exposed assets in the health care sector.

Local municipal governments aren't always to blame here, Cabrera said.

"A lot of the infrastructure that you see that are attributed to a city are not all city-owned," he said.

The devices that were most frequently exposed, according to the report, were firewalls, wireless access points, printers, and webcams.

Firewalls accounted for 77 percent of exposed devices in the financial sector, 69 percent in the health care sector, 56 percent in the emergency services sector, 49 percent in the government sector, and 37 percent in the utilities sector.

Wireless access points made up the largest part of exposed devices in the utilities sector, at 40 percent.

The most common problems were in SonicWall firewall http configuration, which account for 85 percent of firewall vulnerabilities.

The problem is that misconfigured firewalls can be identified from the outside as being firewalls.

Cabrera said that the Shodan search engine has some good capabilities for finding vulnerable devices, and that this power could be used by companies to help defend themselves.

"If you were doing penetration testing, proactively protecting your infrastructure, it gives you the opportunity to see if your infrastructure is out there," he said.

He said that security teams are constantly struggling to identify all the infrastructure that they have.

"And if you can't see it, you can't protect it," he said. "Asset management and vulnerability management is critical to any mature cybersecurity program."

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.

Tags cyber security

More about CSOSonicWallTrend Micro

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Brand Page

Stories by Maria Korolov

Latest Videos

More videos

Blog Posts