5 minutes after the official bug report, hackers start looking for vulnerable devices
Experts from Palo Alto Networks have calculated that within 5 minutes of the official announcement of a bug, criminals are already scanning for vulnerable devices. On average, attackers launch new scans for vulnerable systems every hour, and they are generally much faster than companies, which take time to fix bugs.
If information about certain critical vulnerabilities appears online, hackers act even faster: new scans are launched within a few minutes. To compile these statistics, Palo Alto Networks experts studied various scans of 50,000,000 IP addresses belonging to 50 global enterprises, some of them in the Fortune 500, from January to March 2021.
The study found that, on average, it took companies about 12 hours to discover and patch a major new vulnerability.
Moreover, almost a third of the identified problems are related to RDP, a common target of ransomware operators, since it can be used to gain administrative access to servers. Misconfigured database servers, zero-day vulnerabilities in mission-critical Microsoft and F5 products, and insecure remote access services (Telnet, SNMP, VNC) round out the list of common problems.
In turn, attackers often increase the frequency of their scans to once every 15 minutes when reports appear of a new critical vulnerability that is remotely exploitable. In some cases, hackers act even faster: for example, it took them only about 5 minutes to start scans after the ProxyLogon flaws in Microsoft Exchange Server and the Outlook Web Access (OWA) problems became known.
Recall that we previously wrote that researchers discovered 34 million vulnerabilities in Google Cloud, AWS, and Azure, and that most exploits for 0-day vulnerabilities are developed by private companies.