Small to mid-sized businesses can keep safe from most cyber attacks by protecting the ports that threat actors target the most. Three of them stand out in a crowd of more than 130,000 targeted in cyber incidents. A report from threat intelligence and defense company Alert Logic enumerates the top weaknesses observed in attacks against over 4,000 of its customers.
According to the report, the ports most frequently used to carry out an attack are 22, 80, and 443, which correspond to SSH (Secure Shell), the HTTP (Hypertext Transfer Protocol), and the HTTPS (Hypertext Transfer Protocol Secure).
Alert Logic says that these appear in 65% of the incidents, and it makes sense since they need to be open for communication, be it secured or plain text.
Coming in fourth place is the port for Microsoft’s Remote Desktop Protocol (RDP), responsible for remote communication between machines. RDP attracted attention this year through multiple patches for vulnerabilities leading to remote code execution
https://www.bleepingcomputer.com/news/security/most-cyber-attacks-focus-on-just-three-tcp-ports/