Half of Global FTP Servers Lack Encryption, Exposing Data to Risks
AI-generated from multiple sources. Verify before acting on this reporting.
WASHINGTON — Approximately half of the 6 million internet-facing File Transfer Protocol (FTP) servers currently in operation lack encryption, leaving sensitive data vulnerable to interception and security breaches, a new analysis by cybersecurity firm Censys reveals.
The report, released Monday, indicates that unencrypted FTP servers remain widespread across the globe, with the highest concentrations found in the United States, China, Germany, Hong Kong, Japan, and France. These servers, which facilitate the transfer of files between computers, transmit data in plain text when encryption is not enabled. This configuration allows unauthorized actors to monitor network traffic and potentially steal credentials, intellectual property, or personal information.
FTP, a standard network protocol used for transferring files, has been in use for decades. While secure variants such as FTPS and SFTP exist, the legacy protocol continues to be deployed extensively. The lack of encryption means that usernames and passwords sent during the login process are not protected, making them susceptible to eavesdropping by anyone with access to the network path.
Censys, a search engine for internet-connected devices, identified the unencrypted servers through its global scanning infrastructure. The findings highlight a persistent gap in cybersecurity practices among organizations managing these systems. Experts note that while the risks are well-documented, the transition to encrypted alternatives has been slow, particularly in legacy environments where older systems remain in operation.
The geographic distribution of vulnerable servers suggests that the issue is not confined to a single region or sector. The United States and China account for a significant portion of the unencrypted infrastructure, followed by major economies in Europe and Asia. This widespread exposure underscores the challenge of securing internet-facing services on a global scale.
Security researchers emphasize that the use of unencrypted FTP creates a significant attack surface for malicious actors. Without encryption, data transmitted over these connections can be read in real time, allowing attackers to intercept sensitive information without needing to compromise the server itself. This vulnerability is particularly concerning for organizations handling confidential or regulated data.
Despite the clear risks, the reasons behind the continued use of unencrypted FTP remain unclear. Some organizations may rely on outdated systems that do not support modern encryption standards, while others may lack the resources or expertise to implement secure alternatives. The persistence of these vulnerabilities suggests a broader issue of cybersecurity awareness and infrastructure modernization.
As of now, no specific incidents have been linked to the unencrypted servers identified in the report. However, the potential for exploitation remains high, and security experts urge organizations to audit their FTP infrastructure and transition to encrypted protocols. The findings serve as a reminder of the ongoing challenges in securing the internet's foundational technologies.
The full extent of the impact of these unencrypted servers is still being assessed. Whether organizations will take immediate action to address the vulnerabilities remains to be seen, as the transition to secure alternatives requires technical adjustments and resource allocation. The cybersecurity community continues to monitor the situation for any signs of exploitation or further developments.