Mid-year report says vulnerabilities up 22% in 2020

Mobile operating system vulnerabilities themselves are up 50%

Skybox Security released a midyear update to its 2020 Vulnerability and Threat Trends Report. Per the report, not only have new ransomware and trojan samples soared during the pandemic, but vulnerability reports are also likely to hit a new record in 2020.

According to Skybox Security, organizations’ rush to create remote workforces and secure expanded network perimeters while also facing under-resourced security programs amid the coronavirus outbreak has given cybercriminals and nation-state threat actors leverage. 

“While organizations were vulnerable and distracted, hackers developed new ransomware samples and advanced existing tools to attack critical infrastructure — including vital research labs and health care organizations,” says the report.

In the first half of 2020, over 9,000 new vulnerabilities were reported, marking a 22% increase in reports published over the same period in 2019. Skybox Security says we’ll see more than 20,000 new vulnerabilities this year too.

Vulnerabilities on mobile operating systems have increased by 50% during these first six months too. Skybox Security says this surge is driven solely by Android flaws. Skybox Security also attributed the rise in vulnerabilities to individuals and organizations blurring the line between corporate and personal networks during this shift to remote working.

New ransomware and malware samples have soared amid the COVID-19 pandemic too, though Skybox Security claims cryptocurrency miners and worms have had fewer new samples created compared to 2019. 

“These trends should focus the need for organizations to improve access controls and gain visibility of all ingress and egress points to their network infrastructure,” the report states.

A drastic increase in vulnerabilities can overwhelm IT teams. To prepare for such vulnerabilities, Skybox Security recommends having an infrastructure-wide view of corporate assets, aalyzing network paths and access to critical systems, addressing critical risk vulnerabilities on vital assets and secure configuration of  VPN, firewalls, security and networking devices, and all other gateways.

The report explains further, “The best form of defense against ransomware attacks is to ensure that they never happen in the first place. This can be achieved by modeling your entire attack surface — including infrastructure, assets and vulnerabilities — to gain full and unerring visibility over your entire security environment, understanding the context that surrounds your critical assets and vulnerabilities, and establishing remediation strategies that empower you to target your most exposed flaws before criminals can exploit them.”

Featured Resources

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Evaluate your order-to-cash process

15 recommended metrics to benchmark your O2C operations

Download now

AI 360: Hold, fold, or double down?

How AI can benefit your business

Download now

Getting started with Azure Red Hat OpenShift

A developer’s guide to improving application building and deployment capabilities

Download now

Recommended

Global ransom DDoS extortionists are retargeting companies
distributed denial of service (DDOS)

Global ransom DDoS extortionists are retargeting companies

22 Jan 2021
BEC scammers are using Google Forms to identify easy victims
phishing

BEC scammers are using Google Forms to identify easy victims

21 Jan 2021
FBI warns of ongoing corporate vishing attacks
phishing

FBI warns of ongoing corporate vishing attacks

19 Jan 2021
Hackers using COVID vaccine as a lure to spread malware
hacking

Hackers using COVID vaccine as a lure to spread malware

15 Jan 2021

Most Popular

School laptops sent by government arrive loaded with malware
malware

School laptops sent by government arrive loaded with malware

21 Jan 2021
How to move Windows 10 from your old hard drive to SSD
operating systems

How to move Windows 10 from your old hard drive to SSD

21 Jan 2021
How to recover deleted emails in Gmail
email delivery

How to recover deleted emails in Gmail

6 Jan 2021