In 2016, Rapid7 Labs launched the National Exposure Index in order to better understand the nature of internet exposure—services that either do not offer modern cryptographic protection, or are otherwise unsuitable to offer on the increasingly hostile internet—and how those exposure levels look around the globe. Read the 2018 National Exposure Index.
Now in our third year, we continue this ongoing investigation into the risk of passive eavesdropping and active attack on the internet, and offer insight into the continuing changes involving these exposed services. We’ve added a third dimension for exposure, “amplification potential,” in the wake of the disastrous memcached exposure uncovered in 2018. We’ve also modified our ranking algorithm in this edition. First, we’re measuring and scoring amplification abuse potential. Second, we’ve added more studies targeting exposed databases, and weighted groups of protocols, such as SMB, memcached, and database ports, as “more risky” than others. In addition, we’re treating the especially responsive 2% of IPv4 nodes (0.08% of routable IPv4 addresses) as mere noise absorbers/generators in their networks and have removed those nodes from scoring entirely.
To learn about the key findings and analysis, as well as what steps can be taken to improve security posture worldwide, read the National Exposure Index in its entirety, register for our webcast to hear directly from the researchers, and explore country statistics via the interactive map and select country-specific executive summaries below.