Friday, March 29, 2024

Most of the zero-day vulnerabilities in the past year were exploited by Chinese hackers


The researchers hope that the transition to cloud software will solve the growing problem.

Researchers from the threat intelligence company Mandiant recently released a detailed report for 2022 on the use of zero-day vulnerabilities by hackers around the world. According to the experts, a total of 55 zero-day vulnerabilities were recorded last year. For comparison, in 2021 there were even more: 81 vulnerabilities. Nevertheless, this figure is still significant and reflects the general trend of attackers exploiting previously unknown vulnerabilities, which allows them to strike where no one expects it.



Zero-day vulnerabilities in 2022 driven by hackers

Mandiant singled out Chinese state-linked hackers, who are still the most active exploiters of zero-day vulnerabilities. As for the attackers' motivation, the researchers determined that of 16 vulnerabilities analyzed in detail, as many as 13 were used for cyber espionage.

State-backed hackers have been particularly focused on peripheral network devices such as firewalls and routers in the past year. Attacks on these systems have become especially attractive because endpoint vulnerability detection software often does not cover these devices and does not provide a sufficiently high level of protection. In a separate report published by Mandiant on March 16, the researchers described how Chinese hackers targeted Fortinet and VMware security products in an attempt to maintain persistence on compromised networks.

In the past, exploiting zero-day vulnerabilities has always been the preserve of state-backed hackers, largely due to the complexity and cost of obtaining these vulnerabilities. Now, however, even simple private groups of attackers are increasingly using such vulnerabilities in their own campaigns.

The advent of ransomware has led to huge profits for cybercriminals. And it is ransomware that accounts for 75% of zero-day exploits, according to the Mandiant report.

Tracking and analyzing the exploitation of zero-day vulnerabilities is a complex task. It is therefore likely that there were many more such attacks over the past year than researchers know. In general, Mandiant predicts an increase in the number of zero-day vulnerabilities, since their use provides attackers with obvious advantages such as ease of exploitation, a high probability of success, and stealth that other types of vulnerabilities cannot provide.

However, Mandiant expects a massive transition of companies to cloud solutions in the near future, whose vendors will be able to quickly deploy the latest security patches on their own, without relying on system administrators on site. So, hypothetically, the number of cases of exploitation of such vulnerabilities will be significantly reduced.



Source: www.securitylab.ru
