Powered by MOMENTUM MEDIA
cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

Rapid7 finds cyber personnel can’t patch vulnerabilities fast enough

Cyber criminals are exploiting vulnerabilities faster than ever, according to new findings from Rapid7.

user icon Daniel Croft
Thu, 02 Mar 2023
Rapid7 finds cyber personnel can’t patch vulnerabilities fast enough
expand image

The US-based cyber security organisation released its 2022 Vulnerability Intelligence Report, outlining the current exploitation trends bad actors follow.

“The ransomware ecosystem and the cyber crime economy have continued to mature and evolve,” said Rapid7 vulnerability research manager and lead author of the report Caitlin Condon.

“We saw many more ransomware families actively compromising organisations in 2022, which naturally creates challenges for threat tracking and reporting.”

Rapid7 discovered that the time between a vulnerability being discovered and being exploited is getting shorter and shorter. Zero-day exploits, while slightly less frequent in 2022, were the source of 43 per cent of widespread threats, while 56 per cent of all vulnerabilities analysed in the report were exploited within seven days of being found.

As a result, cyber security organisations and security teams are fighting an uphill battle with an increasing gradient, as they have less and less time to patch these vulnerabilities.

Combined with a skills shortage that’s leaving teams without resources and staff, and hacking groups becoming more sophisticated, defending against vulnerability exploitation is getting drastically more difficult.

There has also been a 33 per cent drop year over year in “vulnerabilities mapped definitely to ransomware operations”, with only 14 of the reports vulnerabilities in the report meeting that criteria.

However, this doesn’t mean that attackers are slowing down, but rather that their methods are getting more complex and have lower industry visibility, making things harder again for security teams.

Twenty-eight net-new widespread threats were detected by Rapid7 in 2022, many of which exploited vulnerabilities to deliver ransomware, botnet malware, web shells, and/or cryptocurrency miners.

Widespread exploitation of new vulnerabilities did decline 15 per cent year over year.

In light of the new findings, Rapid7 has advised that security teams have emergency planning procedures and incident response playbooks in place, follow a defined patch cycle that includes prioritisation of network edge technologies like firewalls and virtual private servers (VPS) and actively exploited common vulnerabilities and exposures (CVEs), maintain operating system level updates, and ensure that internet exposure of critical infrastructure is limited and monitored.

The full report can be found here.

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.