Rapid7 Report: Attackers Developing, Deploying Exploits Faster Than Ever
by Dan Kobialka • Mar 1, 2023
Security and IT teams are tasked with managing vulnerabilities and reducing risks for their respective organizations. MSSPs fill that role, too.
Yet many of these teams are struggling to keep pace with cybercriminals who are rapidly developing and deploying exploits, according to the 2022 Vulnerability Intelligence Report from Rapid7.
Key takeaways from Rapid7’s report include:
- In 2022, 56% of vulnerabilities were exploited within seven days of public disclosure, up 12% from 2021 and 87% from 2020.
- Rapid7 discovered 28 net-new widespread threats in 2022, down 15% year over year.
- Approximately 43% of the widespread threats that Rapid7 researchers analyzed began with a zero-day exploit, down from 52% in 2021.
- Only 14 of the vulnerabilities in the report are known to have been exploited to carry out ransomware attacks, down 33% year over year.
- The average time to known exploitation for vulnerabilities was 24.5 days, up from 12 days in 2021.
- There was “widespread exploitation of various business-critical technologies vulnerable to Log4Shell” during the first six weeks of 2022.
- Thousands of vulnerable Microsoft Exchange servers are still in use across the public internet.
- Vulnerabilities continue to crop up from application programming errors, hardware bugs and hundreds of other conditions spanning all layers of the technology stack.
The cybercrime economy continues to evolve, Rapid7 Vulnerability Research Manager Caitlin Condon stated. To keep pace, organizations must evaluate cyber threats and generate security insights. This allows organizations to understand the cyber threat landscape and identify the best ways to secure their IT environments.
Tips to Help Organizations Secure Their IT Environments
Basic vulnerability management is key for global organizations, Rapid7 noted. Organizations can develop and deploy patching procedures and incident response playbooks to manage vulnerabilities across their IT environments. In doing so, they can guard against widely exploited common vulnerabilities and exposures (CVEs).
In addition, organizations should keep current with operating system-level updates, Rapid7 indicated. That way, they can install out-of-band security patches as soon as they become available.
Organizations should also assess their attack surface area and critical network entry points, Rapid7 stated. They can then safeguard their virtual private networks (VPNs), firewalls and other gateways.