Cyber Threat Overview from Finland’s Perspective
December 9, 2020
The recent news on cyber security breaches hopefully have opened the eyes of many organizations on how to handle and revise their information security practices and processes. The harsh reality is that there are 116 200 observations of suspected compromise or publicly exposed vulnerable services distributed among 3 750 enterprises and organizations in Finland alone. Current observations are taken from the last few weeks. How do we know this? Because we continuously monitor these threats (Figure 1).
Figure 1. Observations in Finland during the year 2020.
97 000 of the observed devices fall into a category of publicly exposed known vulnerable software or a misconfigured service. Depending on the known vulnerability, a system can be compromised, its data exfiltrated, or made inoperable. The same concerns to misconfigured services. For example, a database left accessible with a simple or even default username and password opens up a straight gateway to organization’s data. In the worst scenarios, vulnerabilities impact financially, damage businesses’ reputation, and cause big time legal consequences.
Arctic Hub Automates Threat Information Distribution
The primary remediating action for organizations is to patch vulnerable services, fix unintended configurations, and block inbound access to services that do not need to be exposed to the internet. The number of vulnerable devices in Finland indicates that many companies struggle to find and fix all issues. Managing existing vulnerabilities while taking care of all new ones emerging every day poses a great challenge. Responding timely to threats requires fully automated large-scale data collection, processing, and targeted notification.
By utilizing third-party threat data sources, Arctic Hub finds compromises and vulnerabilities in your systems automatically. It helps you to stay a step ahead of new vulnerabilities to secure your daily business and operations. Arctic Security’s products and services share real-time information about compromised machines and vulnerabilities in the networks of your organization. It automatically shares information relevant to you about threat observations. Targeted notification helps you react to incidents so that you can protect yourself before they cause serious harm. Arctic Security enables you to benefit from cyber security services also through our partner network. This makes it easy for organizations of different size and type to take threat information to your everyday activity. For instance, in Finland, a service built on Arctic Hub can be accessed from KPMG as part of their Threat Intelligence Service.