A new study by Duo Security uncovered some alarming but sadly unsurprising news: more than half of the 2 million devices they looked at for a report were running out-of-date, unprotected software. Whether it was lack of antivirus protocols or operating systems and apps that hadn’t been updated when a patch was released, these devices were therefore vulnerable to hacking, data breaches, ransomware, and more.
According to an article on the study by eSecurityPlanet, “The two million devices we saw are devices used by our customer’s employees to access one or more enterprise applications,” Ash Devata, vice president of Product at Duo. Sean Michael Kerner of eSecurityPlanet added, “The Duo research found that 80 percent of the devices scanned were using Flash, while 32 percent of employees were running older unpatched versions of Microsoft’s Internet Explorer. In addition, 22 percent of the scanned devices were running outdated versions of Java.”
One of the pieces of information to come out of the currently unresolved Apple vs FBI locked iPhone issue is the fact that the county government who owned Syed Farook’s iPhone was paying a monthly service charge for monitoring and access to the phone, but that they had never set it up. That does make taxpayers wonder how many other devices are in the same boat, and what the total monthly bill is for services that device owners aren’t using. It stands to reason that the county government in San Bernardino has no idea what security flaws are currently in place on any of their tech, if they didn’t even know they were paying for a service they’d never activated.
Hopefully, reports like those from Duo Security will shed more light on a security issue that far too many individuals and businesses alike face: the lack of up-to-date software running on highly sensitive technology.