RE, Construction Among Most Exposed to Cyber Attacks

Managed detection and response service provider eSentire’s new report points to outdated vulnerabilities as a source of the industries’ susceptibility.
Kerry Bailey, CEO, eSentire
Kerry Bailey, CEO, eSentire

A new report by eSentire places the real estate and construction industries on a most undesirable list. Per the Managed Detection and Response service provider’s Q2 2018 Quarterly Threat Report, the two sectors are among the industries that are most vulnerable to cyber attacks.

The number of potential, or likely, victims is enormous. “Web servers are exposed de facto, which makes them a primary target,” Kerry Bailey, CEO of eSentire, said in a prepared statement. eSentire commences the executive summary of the second quarter study with a sobering fact: quarter-over-quarter attacks of Microsoft Internet Information Services skyrocketed from 2,000 to 1.7 million. 

The threat report, produced by eSentire’s Threat Intelligence team, is based on data culled from more than 2,000 proprietary network and host-based detection sensors disseminated across the world.

On the report’s list of the top five industries that experienced the largest share of cyber threats in the form of information gathering events, or scans, biotechnology and accounting lead the pack, followed by real estate, marketing and construction. These industries recorded the highest amount of hostile traffic, predominantly as a result of opportunistic attacks on outdated vulnerabilities. Industry preference, however, does not play a role in the ranking.

“A high volume of exploit attempts does not typically indicate one industry is targeted over another. Rather, it is representative of their exposure to opportunistic attacks,” according to the threat report. “Regardless of industry, most attackers are probably looking to drive ad revenue or adopt compromised servers into their attack infrastructure.”

Putting a name to the threat

The real estate and construction verticals experienced an excessive number of attacks from separate sources. In real estate, D-Link home router exploit attempts were most prevalent, while Drupalgeddon2 attacks plagued the construction industry. The exploit attempts that proved successful could have been prevented through routine patching or the correction of misconfigurations.

“The reason attacks continue is because most organizations have internal systems they hesitate to update for fear it will change or break something,” per the report. “Or, they are unaware that a patch is necessary or underestimate the gravity of failing to patch. This is an easily rectifiable problem that lingers for many.”

Image courtesy of eSentire