August 3, 2023 New Securin Report: US Public Sector at High-Risk

Securin experts conducted a passive scan of the 50 United States’ domains and State departments, discovering serious vulnerabilities.

ALBUQUERQUE, NEW MEXICO – Securin, a leader in tech-enabled cybersecurity solutions, released a report detailing their findings after conducting passive scans of the 50 United States’ domains and State departments. Some of the key findings of the passive scan of US States include:

• Domains are hosting 8 million addressable IPs and 119,000 instances of high-risk services, exposing valuable assets to risk of exploitation.
• 11,000 internal non-production systems are accessible from the internet, creating easy opportunities for infiltration by hackers.
• 18 high-risk vulnerabilities classified as Remote Code Execution (RCE)/Privilege Escalation exploits are present in assets.

“Government agencies and employees are a large target of malicious actors precisely because of the trove of sensitive information they have access to,” said Ram Movva, Securin CEO. “Without true visibility into an organization’s threat exposures, security teams are attempting to fend off sophisticated threat actors without being armed with the knowledge of what could be potentially exploited by threat actors. State CIOs face an uphill battle against diverse IT infrastructure, limited resources, legacy systems, and emerging threats – which is why it is vital for public and private sectors to work together to protect all of us.”

In the last few years, there has been a strong upswing in cyberattacks on US government entities, State and local government and education (SLED) organizations, and public sector enterprises. This poses a fundamental threat to public safety and governance and governments worldwide have taken notice.

New mandates from heads of state mark a new state of global urgency to protect critical assets and infrastructure from cyberattacks.

Additionally, budget constraints and organizational silos weaken security efforts. Earlier this year, the US Government Accountability Office (GAO) said 60% of its cybersecurity recommendations have not been implemented over the last decade.

To address these cybersecurity concerns, US state agencies are recommended to undertake diligent remediation efforts, including:

1. Strong Security Controls: Apply strict access control measures to open ports. Use firewalls, network security groups, or access control lists (ACLs) to restrict inbound and outbound traffic to authorized destinations.
2. Continuous Threat Exposure Management: Have holistic cybersecurity controls to monitor, discover, and address critical exposures. This proactive approach helps identify potential vulnerabilities and areas of concern, allowing for timely remediation and reducing the overall attack surface.
3. Prioritize Vulnerabilities: Assess vulnerabilities based on their criticality and potential business impact. Prioritize patching and remediation efforts to address high-risk vulnerabilities promptly, reducing the window of opportunity for attackers to exploit them.

About Securin
Securin is a leading provider of tech-enabled cybersecurity solutions, helping hundreds of customers worldwide gain resilience against emerging threats. Our products and services are powered by accurate vulnerability intelligence, human expertise, and automation, enabling enterprises to make critical security decisions to manage their expanding attack surfaces.

For more information, visit www.securin.io and follow us on LinkedIn and Twitter.

Press Contacts
Jocelyn Disque
Touchdown PR
(512) 599-4015
Securin@touchdownpr.com

Subscribe to Industry Today