We’re excited to bring Transform 2022 back to life on July 19th and virtually July 20-28. Join AI and data leaders for sensible conversations and exciting networking opportunities. Register today!
A new report from Skybox Research Lab states that 20,175 new vulnerabilities were released in 2021, the highest vulnerabilities recorded in a single year. And these new vulnerabilities are just the tip of the iceberg. The total number of vulnerabilities published in the last 10 years has reached 166,938 in 2021 – a threefold increase in a decade. This report provides an in-depth look at how quickly cybercriminals capitalize on new security vulnerabilities – it shrinks the window that organizations must address vulnerabilities before an attack.
Operational technology (OT) vulnerabilities have increased by 88%, used to attack critical infrastructure and expose critical systems to potentially catastrophic breaches. OT systems support energy, water, transportation, environmental control systems and other essential equipment. Attacks on these vital assets can cause serious economic damage and even endanger public health and safety.
As new vulnerabilities emerge in 2021, threatening actors have not wasted any time in taking advantage of it. The 168 vulnerabilities published in 2021 were immediately absorbed into the wild within 12 months – 24% more than the vulnerabilities published and exploited in 2020. In other words, risky artists and malware developers are getting better at using the latest vulnerabilities as weapons.
New cryptojacking programs targeting known vulnerabilities have grown by 75% year on year, with a 42% increase in ransomware. Both cases demonstrate how the malware industry is becoming better at taking advantage of emerging business opportunities, providing a range of tools and services used by experienced cybercriminals and inexperienced novices.
The report paints a vivid picture of the new reality against CISOs and their teams. The findings show how vulnerabilities – especially in OT – are growing at an unprecedented rate, but how risky artists have become better and faster at capitalizing on them with a range of new malware and exploits.
All of the findings in the report, unless otherwise noted, are based on data from the Skybox Research Lab, a dangerous intelligence division of Skybox Security.
Read the full report by Skybox Research Lab.
Venturebeat’s mission Transformative Enterprise is about to become a digital town square for technology decision makers to gain knowledge about technology and transactions. Learn more about membership.