Attackers continue to actively exploit vulnerabilities in software code, and this type of attack is becoming increasingly popular in the cybercrime environment. This is evidenced by Kaspersky Lab’s analysis report.
Image Source: Pete Linforth / pixabay.com
The document released by Kaspersky Lab contains statistics and observations made during the company’s investigation into real information security (IS) incidents around the world.
It is noted that in 2021, industrial companies (30.1%), government (19.4%) and financial organizations (12.9%) faced cybersecurity incidents the most. At the same time, in the majority of cases – 53.6% – attackers penetrated the IT infrastructure of companies and exploited vulnerabilities in applications. The proportion of such attacks has increased by more than 20 percentage points since 2020. According to experts, this is due to the fact that many vulnerabilities were discovered in Microsoft Exchange Server last year. The proliferation of this platform, the public availability of exploits for identified vulnerabilities, as well as the slowness of IT staff in installing patches and quickly closing vulnerabilities were the result of a large number of incidents in its use.
“When developing a malicious campaign, attackers first look for easily achievable targets. These are, for example, public servers with known vulnerabilities, weak passwords or compromised accounts. Due to such attack vectors, the number of high criticality incidents is growing year by year,” says a study by Kaspersky Lab.
For the full version of Kaspersky Lab’s analysis report, go to securelist.ru.
Add Comment