Slashdot Mirror

← Back to Stories (view on slashdot.org)

Belgium Tops List Of Nations Most Vulnerable To Hacking (theguardian.com)

Posted by msmash on from the nothing-to-be-proud-of dept.

Alex Hern, reporting for The Guardian:A new "heat map of the internet" has revealed the countries most vulnerable to hacking attacks, by scanning the entire internet for servers with their front doors wide open. Produced by information security firm Rapid7, the National Exposure Index finds that the most exposed country in the world is Belgium, followed by Tajikistan, Samoa and Australia. The U.S. comes 14th and the UK 23rd. [...] Tom Beardsley, one of the report's three authors, was surprised by his own findings. "We expected to find that the most exposed countries were also the richest," he explained. The richest countries (by aggregate GDP, which place large countries like China near the top of the list) were likely to have the most net-connected devices, which should mean they proportionally have the most potential for damage. "If you're a rich country, you have a lot of internet. But we didn't find any correlation between the number of nodes and the exposure."

21 of 35 comments (clear)

  1. Bad headline by campuscodi · · Score: 2

    The Guardian flubbed its headline. I read the Rapid7 report and the most worrying detail was the fact that there are still over 15 million Internet-available Telnet ports, 7.8 million MySQL ports, 8.8 million RDP, and 5.2 million VNC ports. https://information.rapid7.com...

    1. Re:Bad headline by dfsmith · · Score: 3, Interesting

      Agreed. "Exposed ports" != "vulnerable ports".

      I have no problem with telnet as long as you can't access anything too interactive (e.g., a shell) through it. After all, http, SMTP, POP, daytime, chargen and echo are all telnet-like protocols. (Ok, not really, but close enough,) It used to be quite fun to run a honeypot (fake) telnet server to see what was happening in the wild woolly internet.

      Even open, unencrypted RDP and VNC have a [narrow] use case (broadcasting games and videos, anyone?)

      Can't think of a good use case for open SQL ports though; except for very specialized applications.

    2. Re:Bad headline by fuzzyfuzzyfungus · · Score: 1

      It would be useful to know what the relationship between "number of ports open" and "number of ports actually being used" is.

      A port with something listening on it is always going to be more vulnerable than one without, since there might be some defect in the listening application that could be exploited by bouncing the right input off it; but that is likely a lower risk than the fairly egregious "If you remotely connect via telnet or VNC anyone can just sniff your password off the wire" problem.

      If the problem is with the configuration on the server side, telnet isn't really any more dangerous than SSH, since both will horribly fail to stop somebody guessing root's weak password; but with telnet anyone actually trying to use it is leaking information to anyone with access to the wire; while with encrypted protocols you at least have to screw up to be vulnerable.

      It's a real pity about VNC. It can be made secure(Apple's "ARD" is pretty much VNC with their authentication bolted on); but none of the widely available and interoperable implementations are remotely safe unless SSH tunnelled or the like.

    3. Re:Bad headline by Rob+Kaper · · Score: 2

      Agreed. "Exposed ports" != "vulnerable ports".

      True, but unnecessary exposure is still an extra risk incase of a vulnerability.

      I wish I could stricten access to services such as IMAP, can't wait for my LTE provider to roll out IPv6 so I can open it up to just me and not the whole world (or everyone with the same provider).

  2. Re:Passing the blame by Opportunist · · Score: 1

    More likely they'll blame the EU. It's closer and more tangible, and it's far from impossible that it's actually really what is to blame.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  3. Be right back by JustAnotherOldGuy · · Score: 1

    BRB, going to hack Belgium.

    --
    Just cruising through this digital world at 33 1/3 rpm...
  4. Re:Passing the blame by Incadenza · · Score: 2

    As with everything else, the Europeans will blame the US for this.

    The Belgiums can blame the UK, it was the GCHQ that hacked Belgacom, their biggest telco.

  5. Sanders by Tablizer · · Score: 1

    <fox-news-mode>
    See, Bernie's Democratic Socialism is already failing!
    </fox-news-mode>

    --
    Table-ized A.I.
    1. Re:Sanders by blind+biker · · Score: 1

      I don't see any of the Nordic countries on the list, and Germany is in a solid position. While Belgium is certainly more socially progressive than the US, it's the European Nordic countries and Germany that are the real standard of socialist democracy.

      --
      "The agriculture ministry is not in charge of Gundam" - Japanese ministry official.
    2. Re:Sanders by Tablizer · · Score: 1

      I disagree with Sander's definition of "socialism". I'd say a country's GDP would have to be roughly 2/3 government to call it "socialist". His example countries are generally hybrids.

      --
      Table-ized A.I.
    3. Re:Sanders by Shinobi · · Score: 1

      Denmark is on the list, so a nordic country is represented in there. And I'm not entirely surprised by them being on the list either.

    4. Re:Sanders by Anonymous+Cow+Ward · · Score: 1

      No, the Nordic countries and Germany are *social* democracies, not *socialist* democracies. Their private sectors are far too large to really be socialists. What they have is a mixed market economy that also happens to have a strong social welfare safety net.

      --
      Examine even your most deeply held beliefs. Nobody is always right.
  6. Re:Passing the blame by Guybrush_T · · Score: 2

    This does not make any point nor sense. Was it supposed to be funny ? a troll ?

  7. Vietnam, Pakistan, Israel and Singapore at bottom. by blind+biker · · Score: 2

    As the great Nate Diaz would say: I'm not surprised, motherfuckers! All four countries are being targeted by relatively large populations of hostile nations (Pakistan ---- India, Israel ---- Islamic world, Vietnam ---- China, Singapore ---- Islamic world AND China).
    In my mind it seems clear that nations who have been targeted for some time, have built up better "defenses" i.e. practices and protocols.

    --
    "The agriculture ministry is not in charge of Gundam" - Japanese ministry official.
  8. Re:Belgium by Tablizer · · Score: 1

    ...is vulnerable to everything.

    Yah, those Belgians are wafflers

    --
    Table-ized A.I.
  9. Goodies or Badies? by dohzer · · Score: 1

    You're going to be vulnerable to hacking from badies if you want the goodies to be able to do their job.

  10. Re:Passing the blame by myowntrueself · · Score: 1

    As with everything else, the Europeans will blame the US for this. Somehow. When they don't like something, it's always the fault of the US and how the US supposedly forces their laws on Europe. I can't imagine this will be any different.

    Well there is that DNS system that the US wants to maintain control over, so we can blame the US for that!

    --
    In the free world the media isn't government run; the government is media run.
  11. Re:Belgium by hcs_$reboot · · Score: 1

    Especially good chocolates

    --
    Slashdot, fix the reply notifications... You won't get away with it...
  12. Try the veal by PopeRatzo · · Score: 4, Funny

    Belgium Tops List Of Nations Most Vulnerable To Hacking

    It's because their leaders keep waffling.

    --
    You are welcome on my lawn.
  13. Unrelated, but Monty Python: Belgians by turp182 · · Score: 2

    I recall this from 30 years ago (when in middle school):
    https://www.youtube.com/watch?...

    --
    BlameBillCosby.com
  14. ipv6 and open ports by cobbaut · · Score: 3, Interesting

    More than half of Belgium is on ipv6, the test only includes ipv4 hosts.

    And since when does 'open port' equal 'vulnerability' ?

    --
    European Linux user, living in Antwerp