Known vulnerabilities pose the biggest threat
Known vulnerabilities for which patches have already been made available are the primary vehicle for cyberattacks, according to a report released today by Tenable.
The Tenable Research team analyzed cybersecurity events, vulnerabilities and trends throughout 2022, including 1,335 data breach incidents publicly disclosed between November 2021 and October 2022.
The events analyzed account for more than 2.29 billion records being exposed, adding up to 257 Terabytes of data. More than three percent of all data breaches identified were caused by unsecured databases, accounting for leaks of over 800 million records.
Top exploited vulnerabilities include several high-severity flaws in Microsoft Exchange, Zoho ManageEngine products and virtual private network solutions from Fortinet, Citrix and Pulse Secure. For the other four most commonly exploited vulnerabilities -- including Log4Shell; Follina; an Atlassian Confluence Server and Data Center flaw; and ProxyShell -- patches and mitigations were highly publicized and readily available. In fact, four of the first five zero-day vulnerabilities exploited in the wild in 2022 were disclosed to the public on the same day the vendor released patches and actionable mitigation guidance.
"The data highlights that long-known vulnerabilities frequently cause more destruction than the shiny new ones," says Bob Huber, chief security officer and head of research at Tenable. "Cyberattackers repeatedly find success exploiting these overlooked vulnerabilities to obtain access to sensitive information. Numbers like these conclusively demonstrate that reactive post-event cybersecurity measures aren't effective at mitigating risk. The only way to turn the tide is to shift to preventive security and exposure management."
As well as vulnerability and misconfiguration analysis, the report examines prolific attack groups and their tactics. Ransomware remained the most common attack method used in successful breaches. The LockBit ransomware group, a known user of double and triple extortion tactics, dominates the ransomware sphere, accounting for 10 percent of analyzed ransomware incidents.
The full report is available from the Tenable site.
Image credit: billiondigital/depositphotos.com