Coalition announces inaugural cyber threats index
Based on data from the last ten years, Coalition predicted over 1,900 new common vulnerabilities and exposures (CVEs) per month in 2023, a 13% increase in average monthly CVEs from published 2022 levels. These 1,900 CVEs included 270 high-severity and 155 critical-severity vulnerabilities.
Here are other findings from Coalition’s cyber threat index:
Most CVEs are exploited within 90 days of public disclosure, with the majority exploited within the first 30 days.
Ninety-four percent of organizations scanned in 2022 alone had at least one unencrypted service exposed to the internet.
Remote Desktop Protocol (RDP) is still the protocol cyber attackers scan for most often. This indicates that attackers continue to prefer leveraging old protocols with new vulnerabilities to gain access to systems.
Elasticsearch and MongoDB databases have a high rate of compromise, with signals showing that a large number have been captured by ransomware attacks.
“The reality is that the number of security vulnerabilities and breaches are consistently increasing – from 1,000 in 2002 to over 23,000 in 2022,” said Coalition vice president of security research Tiago Henriques. “Defenders are fighting a battle on all sides and at all times.”
We’ve released our first technical report at @SolveCyberRisk you can download it here https://t.co/WWaZ12S37r – tl;dr: Lots of vulns, focus on fixing what matters, still a lot of data exposed ready to be stolen, ton of insecure services, patching is hard!
— Tiago Henriques (@Balgan) February 1, 2023
Henriques added: “We produced this report to provide as much information as possible for organizations to learn from. With the overwhelming volume of vulnerabilities and lack of IT staff, cybersecurity experts need a way to evaluate each vulnerability’s risk so they can prioritize what to address.”
Coalition’s cyber threats index ended with two recommendations for organizations’ IT and cyber security teams. They should apply updates on public-facing infrastructure and internet-facing software within 30 days of every patch’s release, and they should follow regular upgrade cycles. Both measures would mitigate vulnerabilities, especially in older software, and reduce exposure to the cyber threat events looming ahead.
“[Cyber] attackers are becoming increasingly sophisticated and have become experts at exploiting commonly used systems and technologies,” said Henriques. “Organizations must ensure they use secure communication protocols to access their data and that those services have enforced multifactor authentication. Taking steps like these to improve your basic security hygiene is crucial to improving your overall defence posture.”