Mid-year report says vulnerabilities up 22% in 2020

Mobile operating system vulnerabilities themselves are up 50%

Skybox Security released a midyear update to its 2020 Vulnerability and Threat Trends Report. Per the report, not only have new ransomware and trojan samples soared during the pandemic, but vulnerability reports are also likely to hit a new record in 2020.

According to Skybox Security, organizations’ rush to create remote workforces and secure expanded network perimeters while also facing under-resourced security programs amid the coronavirus outbreak has given cybercriminals and nation-state threat actors leverage. 

“While organizations were vulnerable and distracted, hackers developed new ransomware samples and advanced existing tools to attack critical infrastructure — including vital research labs and health care organizations,” says the report.

In the first half of 2020, over 9,000 new vulnerabilities were reported, marking a 22% increase in reports published over the same period in 2019. Skybox Security says we’ll see more than 20,000 new vulnerabilities this year too.

Vulnerabilities on mobile operating systems have increased by 50% during these first six months too. Skybox Security says this surge is driven solely by Android flaws. Skybox Security also attributed the rise in vulnerabilities to individuals and organizations blurring the line between corporate and personal networks during this shift to remote working.

New ransomware and malware samples have soared amid the COVID-19 pandemic too, though Skybox Security claims cryptocurrency miners and worms have had fewer new samples created compared to 2019. 

“These trends should focus the need for organizations to improve access controls and gain visibility of all ingress and egress points to their network infrastructure,” the report states.

A drastic increase in vulnerabilities can overwhelm IT teams. To prepare for such vulnerabilities, Skybox Security recommends having an infrastructure-wide view of corporate assets, aalyzing network paths and access to critical systems, addressing critical risk vulnerabilities on vital assets and secure configuration of  VPN, firewalls, security and networking devices, and all other gateways.

The report explains further, “The best form of defense against ransomware attacks is to ensure that they never happen in the first place. This can be achieved by modeling your entire attack surface — including infrastructure, assets and vulnerabilities — to gain full and unerring visibility over your entire security environment, understanding the context that surrounds your critical assets and vulnerabilities, and establishing remediation strategies that empower you to target your most exposed flaws before criminals can exploit them.”

Featured Resources

Preparing for AI-enabled cyber attacks

MIT technology review insights

Download now

Cloud storage performance analysis

Storage performance and value of the IONOS cloud Compute Engine

Download now

The Forrester Wave: Top security analytics platforms

The 11 providers that matter most and how they stack up

Download now

Harness data to reinvent your organisation

Build a data strategy for the next wave of cloud innovation

Download now

Recommended

Chipotle’s marketing email hacked to send phishing emails
phishing

Chipotle’s marketing email hacked to send phishing emails

29 Jul 2021
Dark web ads offering access to corporate networks increase sevenfold
hacking

Dark web ads offering access to corporate networks increase sevenfold

28 Jul 2021
Number of hacking tools increasing as cyber criminals become more organized
hacking

Number of hacking tools increasing as cyber criminals become more organized

28 Jul 2021
Criminals target Discord to spread malware
live chat

Criminals target Discord to spread malware

26 Jul 2021

Most Popular

RMIT to be first Australian university to implement AWS supercomputing facility
high-performance computing (HPC)

RMIT to be first Australian university to implement AWS supercomputing facility

28 Jul 2021
Tesla Megapack goes up in flames at Australian battery site
Hardware

Tesla Megapack goes up in flames at Australian battery site

30 Jul 2021
PwnedPiper flaws threaten infrastructure of 80% of US hospitals
Security

PwnedPiper flaws threaten infrastructure of 80% of US hospitals

2 Aug 2021