Cyber security vulnerability management platform Rapid7 has released its latest 2022 Global Vulnerability Intelligence Report, outlining the current exploitation trends bad actors follow.
Rapid7 discovered that the time between a vulnerability being discovered and being exploited is getting shorter and shorter. Zero-day exploits, while slightly less frequent in 2022, were the source of 43% of widespread threats, while 56% of all vulnerabilities analysed in the report were exploited within seven days of being found.
“The ransomware ecosystem and the cybercrime economy have continued to mature and evolve,” said Rapid7 vulnerability research manager and lead author of the report Caitlin Condon.
“We saw many more ransomware families actively compromising organisations in 2022, which naturally creates challenges for threat tracking and reporting.”
“As a result, cyber security organisations and security teams are fighting an uphill battle with an increasing gradient, as they have less and less time to patch these vulnerabilities.”
Combined with a skills shortage that is leaving teams without resources and staff, and with hacking groups becoming more sophisticated, defending against vulnerability exploitation is getting drastically more difficult, according to the report.
There has also been a 33% drop year over year in vulnerabilities mapped definitively to ransomware operations, with only 14 of the reported vulnerabilities meeting that criterion.
However, this doesn’t mean that attackers are slowing down, but rather that their methods are getting more complex and have lower industry visibility, making things harder again for businesses.
“Security, IT, and other teams tasked with vulnerability management and risk reduction operate in high-urgency, high-stakes environments where informed decision-making hinges on the ability to quickly separate signal from noise,” the report found.
“When a new potential threat emerges, information security professionals often find themselves needing to translate vague descriptions and untested research artifacts into actionable intelligence for their own particular risk models.”
Twenty-eight net-new widespread threats were detected by Rapid7 in 2022, many of which exploited vulnerabilities to deliver ransomware, botnet malware, web shells, and/or cryptocurrency miners.
In light of the new findings, Rapid7 has advised that businesses have emergency planning procedures and incident response playbooks in place, and that they invest in resources and employee training to secure their defences.
“Businesses can also follow a defined patch cycle that includes prioritisation of network edge technologies like firewalls and virtual private servers (VPS) and actively exploited common vulnerabilities and exposures (CVEs), maintain operating system level updates, and ensure that internet exposure of critical infrastructure is limited and monitored,” the report said.