Security researchers are often seen securing their assets from cyber-attacks by various means. But a new report from the threat intelligence firm Alert Logic says that hackers are most interested in carrying out attacks on TCP ports numbered 22,80 and 443 which correspond to SSH(Secure Shell), the HTTP(Hypertext Transfer Protocol) and the HTTPS(Hypertext Transfer Protocol Secure).
Alert Logic says that it makes sense that these 3 TCP ports are vulnerable to hackers as they have to remain open for communication always- no matter in secured or plain text state.
After the above-mentioned ports, Microsoft’s Remote Desktop Protocol (RDP) stands 4th when the vulnerability scale is taken into account. Then comes the File Transfer Protocol(FTP) which is often seen as a communication medium for printers, cameras, and UPS.
Houston based Alert Logic says that users of these ports can mitigate risks by keeping the hardware updated with the required software and service that allow these ports to be fully functional.
On an additional note, organizations should stop using weak encryption and obsolete software such as Windows 7, Win NT, Win XP and another Win server 2003 as they make the lateral movement of the threat actors too easy.
The menace doesn’t end with outdated Microsoft operating systems but also takes place with Linux Operating systems which run on outdated kernel.
Note- Alert Logic has compiled the report after analyzing the data from more than 5k cyber-attacks which took place daily in a time frame of 6 months i.e from Nov’18 to April’19.