Using Public Data to Alert Missouri Entities of Vulnerabilities

05.24.16

The Regents of the University of Michigan in collaboration with Google have created an indexer of all “things” on the Internet called Censys.io. Censys.io in many ways is like Google Search but for finding Internet connected devices based on various criteria. Censys.io is a publicly available research platform that scours the entire Internet and indexes devices, open ports, the services exposed, and so much more. Using this service, The Office of Cyber Security (OCS) identified over 9,000 hosts within geographical Missouri that were running unsupported Windows Server 2003 software. Microsoft stopped supporting Windows Server 2003 in July 2015. Using data from the Censys.io results and contact information from American Registry for Internet Numbers (ARIN), OCS created host reports for the 170+ entities involved and communicated with them directly (many of them belonging to major companies).

The overall response has been quite positive and enforces the direction of OCS’ involvement in assisting / collaborating with all forms of industry. OCS will continue to run similar reports in the future to reduce the overall risk to the State of Missouri and its citizens. If you have any questions about this project, please contact us.

category: Awareness
tags:

comment form

Comments are closed.