Is the SMB Protocol an Open Door to Network Intruders?

If a building has twenty exterior doors and you lock nineteen of them, does that make you 95% secure? We call this question the “20 doors” problem. The answer: of course not, since the bad guys won’t have much trouble finding the 20th door. They’re smart like that, you know.

In the realm of cybersecurity, we often fall prey to the 20 doors problem. What are the greatest vulnerabilities on your network? Your website? User passwords? DNS? Phishing attacks? Perhaps. But what about SMB?

SMB stands for Server Message Block. It’s a Microsoft-driven protocol for sharing files, printers, and other devices on a Windows network, including over the Internet. And even though it’s been around for over 20 years, it’s the 20th door that many hackers love jimmying with their credit cards.

Frankly, I had never heard of SMB until I visited an eye-opening website that Deutsche Telekom recently launched. This site reports in real time ongoing attacks on a hundred sensors that Deutsche Telekom carefully planted around the world. These “honeypots” present ostensibly juicy targets for hackers, who are unaware that they are traps set for the unwary.

This “Alliance for Cyber-Safety” site reveals some interesting facts, even given that the sensors do not necessarily represent all possible targets in a statistically random fashion. First, in spite of recent news that certain Chinese hackers have been mounting a coordinated attack on US interests, the site shows that Russian hackers vastly outnumber hackers from other countries. In fact, China is well down the list, behind Argentina. And before you conclude that all Chinese hacking comes from the mainland, note that Taiwan is second only to Russia in hacking attempts.

But the most eye-opening realization from this site is that attacks on SMB swamp all other target types combined. It seems that 20th door to our building is a barn door made of straw. You may be focusing your cybersecurity efforts on your website and your email, but the hackers are targeting your file and print sharing. In fact, they may have long since copied all the files off of your shared drives. Yes, you should close that barn door, but I’m afraid the proverbial horse has already done a runner.
