National / Industry / Cloud Exposure Report

The most comprehensive census of the modern internet

A global virus outbreak, an economic downturn, and a mass migration to remote work has provided us with a unique opportunity to diagnose this unprecedented period of tumult as it reshapes our world in sudden, chaotic ways. We’re excited to introduce you to the 2020 National / Industry / Cloud Exposure Report (NICER): the Rapid7 Research team's dense, data-rich tome of exposure observations across countries, industries, and services, with actionable security advice. NICER dives into and captures aspects that contribute to the overall global network we rely on for commerce, culture, connection–essentially, our livelihoods.   

[On-Demand Webcast]

Register for Rapid7's NICER 2020 Debrief for more details about the report.

Join Here

Executive Summary 

In this report, the Rapid7 Research team analyzes the internet risk landscape, measures the geographic distribution of common exposures, breaks down their findings by country, industry, and protocol, and assesses the effect of the pandemic and technological movements to the cloud. 

Here are some of the key trends and takeaways:

  • Cryptography is still not the standard - After assessing 24 service protocols, we discovered that unencrypted, cleartext protocols are still the norm. With 42% more plaintext HTTP servers than HTTPS, 3 million databases open for insecure queries, and 2.9 million devices still accepting Telnet connections–it’s painfully obvious that anything that reaches the internet today needs to be encrypted. 
  • Routine software maintenance is slow - Regular updates, patching, and upgrades are largely absent in a wide range of internet services–particularly in areas of email handling and remote access. 3.6 million SSH servers have vulnerable versions that are 5-14 years old. Even scarier, some of the top trading companies in the world have unpatched services with an estimated 10,000 high-rated CVEs across their publicly traded assets. Regular software patching and decommissioning schedules should be a common practice across all enterprises. 
  • Insecure services have decreased - Services like SMB, Telnet, and rsync have seen a 13% decline, despite the rapid shift to a remote workforce model for many. ISPs, governments, and companies should continue their effort to eliminate usage of these services. 

Without a doubt, there has been encouraging progress in cybersecurity–even in the face of a pandemic and recession. However, despite the gains, highly-sophisticated, well-resourced attackers understand the weaknesses in the design, deployment, access, and maintenance of systems, and they continue to attack internet targets with relative impunity. IT and cybersecurity professionals need help from others who can advise, educate, and guide them to effectively secure their infrastructure. 

Following the footsteps of Rapid7’s National Exposure Index, and the Industry Cloud-Exposure Report, the National / Industry / Cloud Exposure Report connects the dots and brings both of these worlds together into one.

Read the full National / Industry / Cloud Exposure Report to understand the state of our worldwide security posture and the steps we can take do to improve it.    

The Internet Is Full of Surprises

What are the top most exposed industries, countries, and services in the world?

Exposing the New Reality

National / Industry / Cloud Exposure Report Infographic

By the middle of 2020, the entire world has been coping with a virus outbreak of the sort we don't usually cover in computer science fields: the biological pandemic of COVID-19 and the nearly immediate economic recession following the resultant lockdown. The first question we tasked ourselves with answering was: How did the pandemic, lockdown, and job loss affect the character and composition of the internet?
The 2020 National / Industry / Cloud Exposure Report