Mid-year report says vulnerabilities up 22% in 2020

Mobile operating system vulnerabilities themselves are up 50%

Skybox Security released a midyear update to its 2020 Vulnerability and Threat Trends Report. Per the report, not only have new ransomware and trojan samples soared during the pandemic, but vulnerability reports are also likely to hit a new record in 2020.

According to Skybox Security, organizations’ rush to create remote workforces and secure expanded network perimeters while also facing under-resourced security programs amid the coronavirus outbreak has given cybercriminals and nation-state threat actors leverage. 

“While organizations were vulnerable and distracted, hackers developed new ransomware samples and advanced existing tools to attack critical infrastructure — including vital research labs and health care organizations,” says the report.

In the first half of 2020, over 9,000 new vulnerabilities were reported, marking a 22% increase in reports published over the same period in 2019. Skybox Security says we’ll see more than 20,000 new vulnerabilities this year too.

Vulnerabilities on mobile operating systems have increased by 50% during these first six months too. Skybox Security says this surge is driven solely by Android flaws. Skybox Security also attributed the rise in vulnerabilities to individuals and organizations blurring the line between corporate and personal networks during this shift to remote working.

New ransomware and malware samples have soared amid the COVID-19 pandemic too, though Skybox Security claims cryptocurrency miners and worms have had fewer new samples created compared to 2019. 

“These trends should focus the need for organizations to improve access controls and gain visibility of all ingress and egress points to their network infrastructure,” the report states.

A drastic increase in vulnerabilities can overwhelm IT teams. To prepare for such vulnerabilities, Skybox Security recommends having an infrastructure-wide view of corporate assets, aalyzing network paths and access to critical systems, addressing critical risk vulnerabilities on vital assets and secure configuration of  VPN, firewalls, security and networking devices, and all other gateways.

The report explains further, “The best form of defense against ransomware attacks is to ensure that they never happen in the first place. This can be achieved by modeling your entire attack surface — including infrastructure, assets and vulnerabilities — to gain full and unerring visibility over your entire security environment, understanding the context that surrounds your critical assets and vulnerabilities, and establishing remediation strategies that empower you to target your most exposed flaws before criminals can exploit them.”

Featured Resources

Digital document processes in 2020: A spotlight on Western Europe

The shift from best practice to business necessity

Download now

Four security considerations for cloud migration

The good, the bad, and the ugly of cloud computing

Download now

VR leads the way in manufacturing

How VR is digitally transforming our world

Download now

Deeper than digital

Top-performing modern enterprises show why more perfect software is fundamental to success

Download now

Recommended

What is hacktivism?
hacking

What is hacktivism?

13 Oct 2020
Microsoft: Iranian hackers are exploiting ZeroLogon flaw
Security

Microsoft: Iranian hackers are exploiting ZeroLogon flaw

6 Oct 2020
The Ritz suffers data breach after hackers pose as staff
data breaches

The Ritz suffers data breach after hackers pose as staff

17 Aug 2020
Russia hacked Liam Fox's personal email to steal trade documents
phishing

Russia hacked Liam Fox's personal email to steal trade documents

4 Aug 2020

Most Popular

The top 12 password-cracking techniques used by hackers
Security

The top 12 password-cracking techniques used by hackers

5 Oct 2020
Google blocked record-breaking 2.5Tbps DDoS attack in 2017
Security

Google blocked record-breaking 2.5Tbps DDoS attack in 2017

19 Oct 2020
What is a 502 bad gateway and how do you fix it?
web hosting

What is a 502 bad gateway and how do you fix it?

5 Oct 2020