If it Ain’t Broke, Go Fix It: How Cybercriminals Keep Exploiting the Same Old Vulnerabilities

It turns out that the old saying “if it ain’t broke, don’t fix it” does not apply to your company’s systems. It has been proven that cybercriminals worldwide are routinely exploiting over 40 common vulnerabilities in systems.

A new joint cybersecurity advisory report written by international cybersecurity agencies reveals that many cybercriminals use older software vulnerabilities more frequently than recently discovered ones, and their main target is unpatched internet-facing systems.

The report states that the proof-of-concept code for many software vulnerabilities or vulnerability chains is public and utilized by a broad range of malicious actors. Exploiting critical, widespread, and publicly known vulnerabilities gives cybercriminals low-cost, high-impact tools they can use for a few years because organizations are slow in patching their systems.

According to Cybernews, known flaws are exploited most successfully in the two years after they are publicly disclosed, since their value gradually decreases as software is updated or upgraded.

The report states that “Malicious cyber actors likely prioritize developing exploits for severe and globally prevalent common vulnerabilities and exposures,” and adds that timely patching reduces the effectiveness of such attacks and pushes hackers to work harder.

The authoring agencies of the report recommend that developers and organizations identify their most exploited vulnerabilities, implement appropriate mitigations, follow appropriate secure software design and development practices, and improve their cybersecurity measures accordingly.

Furthermore, they list the fundamental practices of cybersecurity hygiene, which include:

  • Routinely perform automated asset discovery
  • Implement a robust patch management process
  • Document secure baseline configurations for all IT/OT components
  • Perform regular secure system backups
  • Maintain an updated cybersecurity incident response plan
  • Enforce phishing-resistant multifactor authentication (MFA) for all users
  • Enforce MFA on all VPN connections
  • Regularly review, validate, or remove privileged accounts
  • Configure access control under the principle of least privilege
  • Properly configure and secure internet-facing network devices
  • Implement Zero Trust Network Architecture (ZTNA)
  • Continuously monitor the attack surface
  • Reduce third-party applications and unique system/application builds
  • Ask your software providers to discuss their secure-by-design program

This information was provided by Cybernews.