Skip to Content
Uncategorized

Internet-Wide Scan Finds Hundreds of Thousands of Ready-Made Backdoors

Many poorly-secured company servers are exposed online, offering attackers ready made backdoors to wipe or steal data

A security researcher that (gently) probed every computer on the Internet to discover hundreds of thousands of unsecured systems (see “When One Man Pinged the Whole Internet”) has now repeated the exercise to find hundreds of thousands of servers that could be trivially taken over by an attacker.

HD Moore, chief research officer at Rapid7, did a fresh scan of the Internet after hearing about vulnerabilities in a standard component of servers that allows them to be monitored and controlled remotely. Independent researcher Dan Farmer recently showed that flaws in the design of many Baseboard Management Controllers (BMCs) mean they could all too easily provide unauthorized access and control, too.

Moore’s scan found 308,000 BMCs that used the problem protocol identified by Farmer. A total of 53,000 of them were configured in a way that allows access without a password; 195,000 stored passwords and other credentials unencrypted; 99,000 exposed encoded passwords that could be cracked by an attacker (Moore says that he unscrambled 10 percent in a preliminary test); 35,000 had vulnerabilities in the Universal Plug and Play protocol that Moore’s previous Internet scan highlighted.

Moore explains the consequences of what he found like this in an FAQ document:

“An attacker that is able to compromise a BMC should be able to compromise its parent server. Once access to the server is gained, the attacker could copy data from any attached storage, make changes to the operating system, install a permanent backdoor, capture credentials passing through the server, launch a denial of service attack, or simply wipe the hard drives.”

That information released by the researchers doesn’t reveal anything about what types of organizations are at risk, but the numbers make it clear that the problem is widespread. Moore told Wired that “essentially every modern company and government on the planet” relies on the flawed BMC protocol examined in his study.

These new results underline what Moore told us earlier this year, when speaking about his initial project to ping the entire Internet. Most public attention and industry effort is focused on the security of the computers on people’s desks, but it seems to common for powerful, core parts of IT systems to be exposed online.

Deep Dive

Uncategorized

Investing in people is key to successful transformation

People-related factors like talent attraction and retention and clear top-down communication will determine whether your transformation progresses or stalls.

Work reinvented: Tech will drive the office evolution

As organizations navigate a new world of hybrid work, tech innovation will be crucial for employee connection and collaboration.

The way forward: Merging IT and operations

Digital transformation in any industry begins with bridging the gap between two traditionally separate teams.

be a good example concept
be a good example concept

Be a good example

"It was in the newspaper, but the towers fell the next day, and what I’d done was quickly lost."

Stay connected

Illustration by Rose WongIllustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.