A new study shows many of these companies run remote administration tools over open ports, exposing their networks

Mar 8, 2017 11:01 GMT

Fortune 1000 companies suffer data breaches twice as often as their peers, reveals a new report that looks at how secure America's largest companies are. 

According to BitSight's latest report, "How Secure Are America's Largest Business Partners? Rating the Cybersecurity Performance of the Fortune 1000," companies on this list are more likely to suffer data breaches. The report shows that companies with a Security Rating of 500 or lower are five times more likely to experience a publicly disclosed breach than companies with a Security Rating of 700 or higher, with 900 being the top score and, at the same time, the safest.

"Understanding the security maturity of Fortune 1000 companies provides greater context for any organization looking to benchmark their own performance," said Stephen Boyer, co-founder and CTO of BitSight. "Moreover, this data can be used to better inform companies of the risks posed when sharing data or network access with Fortune 1000 organizations. For example, a primary reason Fortune 1000 companies have a lower median Security Rating is due to higher frequency of system compromise on their networks. Awareness of the incident detection and response practices of third-parties should factor into the process of screening new vendors."

Over the past 15 months, BitSight researchers have noticed that at least one out of every 20 Fortune 1000 companies has experienced a publicly disclosed breach. Of course, the size of the issue depends on the size of the company. Companies that do a lot of business over the Internet also have a higher risk of being targeted by hackers and, therefore, of suffering a data breach.

There's also the added problem that a majority of Fortune 1000 companies were found to have at least one remote administration service running on an open port, which may allow unauthorized access to machines. It seems that 55% of them run Telnet and 14% run VNC, both remote administration services, while 8% run PostgreSQL, an open source database, all on open ports.

The rise of botnets

Researchers also found that Bedep, a botnet that can compromise machines, was present in one out of every five Fortune 1000 companies in March. This is a steep climb from December, when one in 20 companies was affected.

Bedep was identified as the most common system compromise across six major industries. While its evolution didn't really surprise researchers, the rise of AndroidBauts and Necurs did. In fact, one in every 10 companies in the Fortune 1000 has exhibited this type of malware on its network.

"The surge of AndroidBauts is a clear sign that mobile devices are increasingly posing risk to companies. This family of malware is found on Android Devices, and often originates from malicious apps downloaded on the Google Play store. AndroidBauts can allow the installation of third party apps and shortcuts on devices. Some strains of AndroidBauts push malicious ads to the user, but more malicious strains can steal user information while running in the background," the report reads.