If a building has twenty exterior doors and you lock nineteen of them, does that make you 95% secure? We call this question the “20 doors” problem. The answer: of course not, since the bad guys won’t have much trouble finding the 20th door. They’re smart like that, you know.
In the realm of Cybersecurity, we often fall prey to the 20 doors problem. What are the greatest vulnerabilities on your network? Your website? User passwords? DNS? Phishing attacks? Perhaps. But what about SMB?
SMB stands for Server Message Block. It’s a Microsoft-driven protocol for sharing files, printers, and other devices on a Windows network, including over the Internet. And even though it’s been around for over 20 years, it’s the 20th door that many hackers love jimmying with their credit cards.
Frankly, I had never heard of SMB until I visited an eye-opening website that Deutsche Telekom recently launched. This site reports in real time ongoing attacks on a hundred sensors that Deutsche Telekom carefully planted around the world. These “honey pots” present ostensibly juicy targets for hackers, who are unaware that they are traps set for the unwary.
This “Alliance for Cyber-Safety” site reveals some interesting facts, even given that the sensors do not necessarily represent all possible targets in a statistically random fashion. First, in spite of recent news that certain Chinese hackers have been mounting a coordinated attack on US interests, the site shows that Russian hackers vastly outnumber hackers from other countries. In fact, China is well down the list, behind Argentina. And before you conclude that all Chinese hacking comes from the mainland, note that Taiwan is second only to Russia in hacking attempts.
But the most eye-opening realization from this site is that attacks on SMB swamp all other target types combined. It seems that 20th door to our building is a barn door made of straw. You may be focusing your Cybersecurity efforts on your website and your email, but the hackers are targeting your file and print sharing. In fact, they may have long since copied all the files off of your shared drives. Yes, you should close that barn door, but I’m afraid the proverbial horse has already done a runner.
