Mid-year report says vulnerabilities up 22% in 2020

Mobile operating system vulnerabilities themselves are up 50%

Skybox Security released a midyear update to its 2020 Vulnerability and Threat Trends Report. Per the report, not only have new ransomware and trojan samples soared during the pandemic, but vulnerability reports are also likely to hit a new record in 2020.

According to Skybox Security, organizations’ rush to create remote workforces and secure expanded network perimeters while also facing under-resourced security programs amid the coronavirus outbreak has given cybercriminals and nation-state threat actors leverage. 

“While organizations were vulnerable and distracted, hackers developed new ransomware samples and advanced existing tools to attack critical infrastructure — including vital research labs and health care organizations,” says the report.

In the first half of 2020, over 9,000 new vulnerabilities were reported, marking a 22% increase in reports published over the same period in 2019. Skybox Security says we’ll see more than 20,000 new vulnerabilities this year too.

Vulnerabilities on mobile operating systems have increased by 50% during these first six months too. Skybox Security says this surge is driven solely by Android flaws. Skybox Security also attributed the rise in vulnerabilities to individuals and organizations blurring the line between corporate and personal networks during this shift to remote working.

New ransomware and malware samples have soared amid the COVID-19 pandemic too, though Skybox Security claims cryptocurrency miners and worms have had fewer new samples created compared to 2019. 

“These trends should focus the need for organizations to improve access controls and gain visibility of all ingress and egress points to their network infrastructure,” the report states.

A drastic increase in vulnerabilities can overwhelm IT teams. To prepare for such vulnerabilities, Skybox Security recommends having an infrastructure-wide view of corporate assets, aalyzing network paths and access to critical systems, addressing critical risk vulnerabilities on vital assets and secure configuration of  VPN, firewalls, security and networking devices, and all other gateways.

The report explains further, “The best form of defense against ransomware attacks is to ensure that they never happen in the first place. This can be achieved by modeling your entire attack surface — including infrastructure, assets and vulnerabilities — to gain full and unerring visibility over your entire security environment, understanding the context that surrounds your critical assets and vulnerabilities, and establishing remediation strategies that empower you to target your most exposed flaws before criminals can exploit them.”

Featured Resources

Next-generation time series: Forecasting for the real world, not the ideal world

Solve time series problems with AI

Free download

The future of productivity

Driving your business forward with Microsoft Office 365

Free download

How to plan for endpoint security against ever-evolving cyber threats

Safeguard your devices, data, and reputation

Free download

A quantitative comparison of UPS monitoring and servicing approaches across edge environments

Effective UPS fleet management

Free download

Recommended

Microsoft touts new cyber security help for nonprofits
cyber security

Microsoft touts new cyber security help for nonprofits

22 Oct 2021
A quarter of all malicious JavaScript is obfuscated
hacking

A quarter of all malicious JavaScript is obfuscated

20 Oct 2021
Organizations warned of ransomware risk from smaller operators
ransomware

Organizations warned of ransomware risk from smaller operators

19 Oct 2021
Iranian hacking group continues to target US citizens
hacking

Iranian hacking group continues to target US citizens

18 Oct 2021

Most Popular

UK spy agencies supercharge espionage efforts with AWS data deal
cloud computing

UK spy agencies supercharge espionage efforts with AWS data deal

26 Oct 2021
Cryptocurrency: Should you invest?
cryptocurrencies

Cryptocurrency: Should you invest?

27 Oct 2021
Royal Mint to recover gold from smartphones and laptops in world first
Technology

Royal Mint to recover gold from smartphones and laptops in world first

21 Oct 2021