As cyber attacks gain momentum in parallel with increasing digitalization, large companies in the private sector feel the effects of these attacks, especially as financial and reputational losses. The Türkiye Attack Surface Report for the first quarter of this year, prepared by SwordSec, a cybersecurity company that is a member of the Turkish Cyber Security Cluster, evaluates ‘Türkiye’s 500 largest companies’, as announced by Fortune Türkiye, in terms of potential cyber security risks by sector and the precautions to be taken. Nearly 30 of these companies operate in the textile sector according to the 2021 ranking.
The report examined the companies’ digital assets, e-mail security, web servers, active vulnerable servers, critical ports and services, and DNS security. It states that the e-commerce and textile sectors operating in Türkiye are the riskiest groups in terms of these criteria. The report contains data on 84,100 active subdomains and 14,478 open ports or active services belonging to companies operating in 39 sectors.
The risk factor increases as the attack surface expands
The attack surface refers to all areas of a company, system or critical infrastructure that are open to attackers. The digital traces of systems, their digital assets, the technologies they use, versions, secret keys and application paths all play a role in expanding it. The more of these digital assets and traces there are, the higher the threat and risk factor. Attackers focus on the attack surface to take over systems, and any information they can get about the systems is very important.
Missing SSL certificates are most common in the textile sector
The evaluation part of the report underlines that companies in Türkiye’s ecosystem have a larger than normal attack surface. An inadequate number of information security managers in companies and a lack of knowledge and of the necessary technological tools, products and services are listed as the reasons for this situation.
The report points out that cyber attacks mostly trace back to the web and explains that textile is the sector that most often lacks an SSL (Secure Sockets Layer) certificate, which encrypts data on websites so that it cannot be read.
What precautions should be taken against cyber attacks?
Deficiencies in e-mail authentication methods and web server security, and errors in page titles attract attackers and open the door to cyber attacks. The report draws attention to the fact that many companies use a service provider originating abroad in their e-mail infrastructure and advises companies to configure their own mail servers for e-mail security.
Some of the measures that can be taken to reduce the attack surface are listed as follows: not exposing the back-end services of websites and applications (database, cloud storage, etc.) to the outside, raising employees’ awareness of strong passwords and password security, configuring the services running on servers, shutting down old services on the server, keeping the services running on the servers up to date, and turning off header information in the server’s responses to connections that could cause information leakage.
“Big companies can get attacked with small vulnerabilities”
Regarding the data in the report, SwordSec Siber Güvenlik Teknolojileri A.Ş. General Manager Seyfullah Kılıç stated that cyber spies are targeting large companies today. Kılıç, remarking that this shows that the purpose of cyber attackers is to make money, underlined that large companies can get attacked with small vulnerabilities and the result can be devastating, considering today’s technological development. Kılıç said: “Almost all of the attacks made in recent years at the level of states and companies are targeted cyber attacks. Companies must be protected by constantly monitoring themselves. They need to follow up-to-date vulnerabilities and provide staff with remarkable cyber security training.”