One in every 50 companies worldwide could be affected by ‘wormable’ Windows vulnerability

Nearly 2 percent of over 4 million companies modelled by Corax were found to be exposed to a recently disclosed flaw in widely used Microsoft Windows operating systems called remote desktop services (RDP).

The flaw, a vulnerability referred to as CVE-2019-0708, can be exploited when an RDP port is open to the internet. It is considered ‘wormable’, meaning that it has the potential to be used in malware that spreads by itself across and between networks.

This is significant because it could be used to fuel a fast-moving malware threat like the WannaCry ransomware attacks of 2017, which caused an estimated $8 billion loss to businesses, according to A.M.Best.

As a comparison, of the roughly 400 million actively used Windows 7 computers at the time of the WannaCry event, only approximately 0.1 percent were infected.

In the past few weeks Corax has provided insurance carrier customers with urgent analysis of their portfolio exposure to the RDP vulnerability and to another major cyber security issue, the outage of Wolters Kluwer.

Wolters Kluwer makes the software on which many of the world’s small and midsized accounting firms run. It took some of its cloud-based software applications offline for 48 hours last week following discovery of malware attack.

The event is another demonstration of the potential for large numbers of companies worldwide to be affected simultaneously based on their shared reliance on the same software. It is also significant because attacking the “software supply chain”, especially enterprise software that is used across a particular industry or sector, is an increasingly popular tactic for sophisticated hackers, including groups associated with nation-states.

In the case of both events the output from the Corax platform was identification of the companies potentially affected, enabling the insurers to rapidly make risk management decisions and notify their customers.

Corax’s Cyber Risk Modelling and Prediction platform contains security and loss data on millions of interconnected companies worldwide. This means it can provide unrivalled visibility on cyber exposure.

If you want insight on a particular sector or technology please do get in touch and we’ll be happy to help.