Zero-Day Surge Led to More Rapid Exploitation of Bugs in 2021

Published: 23/11/2024   Category: security




New vulnerability study shows how attacker economies of scale have shaped the risk landscape.



Twice as many zero-day software vulnerabilities were exploited last year before vendors even had the chance to patch them than in 2020, and more than half of the most impactful vulnerabilities started with a zero-day exploit, a new study shows.
Rapid7 studied the 50 most high-impact vulnerabilities from 2021 that were most likely to threaten businesses, 43 of which were exploited in the wild -- including 20 that were exploited before a patch was available. The research shows that more than half of the exploited vulnerabilities in the study were exploited in attacks within a week of their public disclosure, and the average time to known exploitation accelerated to 12 days in 2021 from 42 days in 2020.
Not surprisingly, some 60% of the widespread vulnerability threats have been deployed in ransomware attacks, as overall, wide-swath attacks that were less targeted and more opportunistic rose last year, the report says.
"Attacker economies of scale have played a big part here — it's increasingly common for critical vulnerabilities in popular technology to be weaponized quickly by ransomware and coin-mining groups whose operations rely on widespread exploitation to profit. We've also seen instances where two or three or more APT groups are exploiting critical vulnerabilities alongside more opportunistic attackers," says Caitlin Condon, vulnerability research manager at Rapid7. And the industry is seeing more of these attacks because there's more visibility and sharing of that information, she says.
"There's consensus that zero-day attacks hit an all-time high in 2021. We intentionally weren't indexing on zero-day exploits in our data, and still we saw a big uptick in zero-day attacks. Worse, more than half of *widespread* threats began with a zero-day exploit. That's insane," Condon tweeted today.
According to Rapid7's report, which details the vulnerabilities and attack chain trends including the well-documented Microsoft Exchange and Windows Print Spooler vulns exposed and attacked last year, the surge in zero-day attacks was the main reason for the narrowed window in exploitation time, all of which put organizations under added pressure to respond to the newest threats and patching response.
"First and foremost, security and IT teams have been operating in a highly elevated threat climate. We can validate that with data — these folks have been working triple-time combating threats over the past year and a half, and their jobs have included complex risk communications as well as actual operations work. Many of them have been working with limited resources in part because of the lingering effects of the pandemic," Condon told Dark Reading. "Second, in a world where mass exploitation is starting within days or hours of disclosure, it's critically important for organizations to be good at the basics of vulnerability risk management so they can define and iterate on emergency procedures."
Layered defense, too, is key here, Condon says. One of the most paradoxical parts of an elevated risk climate is that guidance remains steady. Think of this as weathering a tough economy: Diversify, don't panic, and take a long view.
