Global Network Security: A Vulnerability Assessment of Seven Popular Outsourcing Countries

摘要

With increasingly more businesses engaging in offshore outsourcing, organisations need to be made aware of the global differences in network security, before entrusting a nation with sensitive information. In July 2011, Syn and Nackrst1 explored this topic by analysing seven countries from a wide spectrum across the globe for network security vulnerabilities. The countries selected were China, the United Kingdom, Germany, Russia, India, Mexico and Romania. Their method utilises Nmap and Nessus to probe and test for network vulnerabilities from each respective nation, in order to collect quantitative data for national vulnerability volumes. The Vulnerability statistics collected are of four categories, High, Medium, Low and Open Ports. This paper extends Syn and Nackrst1's work by constructing a more detailed analysis of their results, showing the number of real-world vulnerabilities per nation, the differences between national levels of network security, the ratios of vulnerabilities/IP address, and vulnerability summary rankings. Multiple causal factors are also looked at to quantify the reasoning behind the varying levels of vulnerabilities per nation. This paper concludes that each nation has millions of vulnerabilities of varying amounts, and therefore, each nation differs in network security levels. Mexico and India exhibited the most worrying statistics, with the highest number of high level vulnerabilities/IP address ratio. Ultimately, this paper highlights the vulnerability levels that organisations are faced with when engaging in foreign and domestic outsourcing.