External Vulnerability Management (eVUMA) – not optional, it’s a duty

In order to cope with the constantly changing threat landscape, nowadays, having to permanently check for vulnerabilities and optimise your own IT infrastructure is part of every company’s compulsory programme. These days a permanent external scan carried out by experts – also called “external vulnerability management” (eVUMA) – is more important than ever. In this article, you can read a field report from our InfoGuard CSIRT that highlights the urgency of the issue, as well as good reasons why professional eVUMA is beneficial.

It cannot be overstated that the threat landscape is subject to constant change, although this is nothing new. Our InfoGuard Computer Security Incident Response Team (CSIRT) has been noticing for some time that attackers are increasingly striking via vulnerabilities that are exposed to the Internet. For example, in 2021 over 50% of the damage caused by cyber-attacks that our CSIRT dealt with originated from an exposed vulnerability. In some successful attacks, the vulnerability that was exploited occurred years earlier. Our experts are predicting that this situation will continue to worsen.

Exchange vulnerability 2021 – one of the big showcase incidents


Back in March 2021, immediately after the vulnerability became public, we published an article on Microsoft Exchange vulnerabilities. To summarise, on 2 March 2021, Microsoft reported a serious vulnerability. Of course, immediately after it was published, attackers were scouring the internet for vulnerable Exchange systems; or to put it more bluntly, the attackers swooped down like vultures on vulnerabilities that were easily compromised from the outside.

infoguard-cyber-security-ms-exchange-govcert-twitterIn five incidents it investigated, our CSIRT was able to ascertain that attackers gained access to the exposed Exchange in under 24 hours after the vulnerability was published. This year, we have already received reports of damage caused by the Exchange vulnerabilities. In addition, the NCSC (National Cyber Security Centre) recently reported that many Exchange systems in Switzerland still remain unpatched.

Exposed IT systems – a growing risk

The Exchange vulnerability is often mentioned in this context, but it is only one example of many other exposed vulnerabilities that are being created every day, and which often remain undetected.

A critical vulnerability exposed to the Internet can undoubtedly lead to a ransomware attack. It is negligence to fail to patch these immediately. This is because specialised attacker groups are constantly scanning the Internet to locate places of entry and break in, as it were.

External Vulnerability Management – 24/7 from the InfoGuard Cyber Defence Center

The bottom line is fairly obvious: protect your exposed IT systems and identify potential vulnerabilities – and do it before the attackers do, so that a successful cyber-attack does not happen. How? With our “External Vulnerability Management” (eVUMA) Service.

The external Vulnerability Management (eVUMA) service enables you to see your company from the attackers’ perspective. Our security experts scan your perimeter infrastructure daily from our ISO/IEC 27001-certified Cyber Defence Center (CDC) in Baar. As part of this service, we take full responsibility for the initial stages of the vulnerability management process, from daily scanning to reporting. As soon as a critical vulnerability that is exposed to the Internet appears, we handle the risk assessment of the vulnerability for you and contact you on a proactive basis. If needed, our experts will then be available to advise you in order for you to be able to remedy the vulnerability quickly and effectively.

The benefit to you is that when new high or critical vulnerabilities emerge in your exposed infrastructure, the response and information time is greatly reduced. This allows the system managers or CISOs to react to the threat as quickly as possible without having to monitor the external infrastructure 24/7 by themselves.

Interested? Contact us now for personalised advice.

Contact Form eVUMA

<< >>

Cyber Defence , Cyber Risks

Ernesto Hartmann
About the author / Ernesto Hartmann

InfoGuard AG - Ernesto Hartmann, Chief Cyber Defence Officer

More articles from Ernesto Hartmann

Related articles
[INFOGUARD CSIRT WARNING] When the ransomware arrives via VPN
[INFOGUARD CSIRT WARNING] When the ransomware arrives via VPN

Ransomware attacks have become a little quieter in recent weeks, but our CSIRT is now noticing an increase in [...]
Vulnerable despite vulnerability management – these are the challenges you face
Vulnerable despite vulnerability management – these are the challenges you face

It is given that cyber criminals make use of vulnerabilities to carry out their attacks. This makes it even [...]
Why a new record number of DDoS attacks are predicted in 2022
Why a new record number of DDoS attacks are predicted in 2022

Ransomware may have been particularly popular in 2021, but there is a good chance that once again in 2022, [...]

Exciting articles, the latest news and tips & tricks from our experts on all aspects of Cyber Security & Defence.

Blog update subscription
Social Media