The Neglected Cybersecurity Frontier: Uncovering the Alarming Vulnerabilities in Enterprise Storage

A 2021 State of Storage study revealed that over 6,000 discrete vulnerabilities, misconfigurations, and security issues were detected in more than 400 high-end storage devices. On average, an enterprise storage device has around 15 security vulnerabilities, three of which carry a high or critical risk rating. Legacy protocols are a primary concern in storage security, particularly when legacy versions of storage protocols, such as SMBv1 and NFSv3, are left enabled or are used by default. Using cipher suites and protocol versions that are no longer recommended, such as allowing TLS 1.0 and 1.1 and not disabling SSL 2.0 and 3.0, further exacerbates the problem.

Other critical vulnerabilities are the lack of encryption for critical data feeds, such as management transport, replication transport, and backup transport, and the allowing of cleartext HTTP sessions. Lack of central user management also creates security risks, making it essential for enterprises to address these vulnerabilities. Common Vulnerabilities and Exposures (CVE) records highlight the severity of these vulnerabilities, with close to 20 percent of storage devices being badly exposed and around 70 different CVEs detected in sampled storage environments. These vulnerabilities can be used to exfiltrate files, initiate denial-of-service attacks, take ownership of files, and block devices.

Ransomware weaknesses are another critical concern, as modern storage devices often have ransomware detection and prevention capabilities that are overlooked or misconfigured. This leaves storage and backup systems susceptible to ransomware attacks. Storage and backup systems have a significantly weaker security posture than compute and network infrastructure layers, making them vulnerable to devastating consequences, including ransomware attacks, data breaches, and denial-of-service attacks.
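The finding categories described above (legacy file protocols, deprecated transport versions, unencrypted management, replication and backup feeds, cleartext HTTP, no central user management, unused ransomware protection) can be checked repeatably against an export of device settings. The following is an added example, not code from the reports or from any storage vendor; the record layout and field names are hypothetical and would need mapping to whatever each array's management API actually exports.

```python
from collections import Counter

# Values the article names as findings; the record layout itself is hypothetical.
LEGACY_FILE_PROTOCOLS = {"SMBv1", "NFSv3"}
DEPRECATED_TRANSPORT = {"SSLv2", "SSLv3", "TLSv1.0", "TLSv1.1"}
FEEDS = ("management", "replication", "backup")

def audit_device(dev):
    """Return the list of findings for one device settings record."""
    findings = []
    for proto in sorted(LEGACY_FILE_PROTOCOLS & set(dev.get("file_protocols", []))):
        findings.append(f"legacy file protocol enabled: {proto}")
    for ver in sorted(DEPRECATED_TRANSPORT & set(dev.get("tls_versions", []))):
        findings.append(f"deprecated transport version accepted: {ver}")
    for feed in FEEDS:
        # A missing key counts as unencrypted, so incomplete exports fail closed.
        if not dev.get("encrypted_feeds", {}).get(feed, False):
            findings.append(f"{feed} transport not encrypted")
    if dev.get("http_cleartext", True):
        findings.append("cleartext HTTP sessions allowed")
    if dev.get("auth_source", "local") == "local":
        findings.append("no central user management")
    if not dev.get("ransomware_protection", False):
        findings.append("ransomware detection/prevention not enabled")
    return findings

def audit_fleet(devices):
    """Map device name -> findings, plus a count of each finding across the fleet."""
    per_device = {d["name"]: audit_device(d) for d in devices}
    totals = Counter(f for fs in per_device.values() for f in fs)
    return per_device, totals

# Constructed sample inventory (not real devices).
INVENTORY = [
    {"name": "array-a", "file_protocols": ["SMBv1", "SMBv3", "NFSv3"],
     "tls_versions": ["TLSv1.0", "TLSv1.2"],
     "encrypted_feeds": {"management": True, "replication": False},
     "http_cleartext": True, "auth_source": "local", "ransomware_protection": False},
    {"name": "array-b", "file_protocols": ["SMBv3", "NFSv4.1"],
     "tls_versions": ["TLSv1.2", "TLSv1.3"],
     "encrypted_feeds": {"management": True, "replication": True, "backup": True},
     "http_cleartext": False, "auth_source": "ldap", "ransomware_protection": True},
]

if __name__ == "__main__":
    for name, fs in audit_fleet(INVENTORY)[0].items():
        print(name, fs or "no findings")
```

Settings absent from a record are reported as findings rather than assumed safe, so a partial export cannot pass the audit silently.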

To address these concerns, enterprises must prioritize storage security and implement robust measures to protect their systems. This includes conducting regular security audits and patching, implementing robust encryption methods, disabling legacy protocols and cipher suites, enabling ransomware detection and prevention capabilities, and investing in storage security solutions. The newer report by Continuity in 2023 didn’t exactly instill confidence. What should Pakistani enterprises do?

Implications for Pakistani Enterprises

Pakistani enterprises are not immune to these vulnerabilities, and as the country’s digital landscape continues to grow, cybersecurity is no longer a luxury but a necessity. To safeguard their digital assets, Pakistani businesses must prioritize storage security, develop a comprehensive cybersecurity strategy, establish incident response plans, provide employee training and awareness programs, and regularly review and update security policies. By doing so, Pakistani enterprises can prevent data breaches, reduce downtime, ensure business continuity, protect sensitive customer information, and maintain customer trust and confidence.

The alarming vulnerabilities in enterprise storage demand immediate attention. By prioritizing storage security and implementing robust measures, organizations can protect themselves from devastating attacks and secure their digital frontier.

Read more at:

https://www.continuitysoftware.com/resources/the-state-of-storage-security-report/

https://www.continuitysoftware.com/resources/the-state-of-storage-backup-security-report-2023