Bank Heists, Malware, and New Vulnerabilities
Managing Vulnerabilities in 2021
New research from NCC Group’s Research and Intelligence Fusion Team (RIFT) has revealed that more than 4,400 vulnerabilities were disclosed between January and March of 2021. The good news is that this is 4% down on the same period in 2020. The bad news is that 72% had no patches available.
What this means is that, while patch management is a vital ingredient of any security strategy, it is not enough. It must be complemented by comprehensive vulnerability management.
Vulnerability scanners must be regularly deployed to scour the network for strange patterns, potential authorization issues, antivirus status, OS misconfigurations, compliance violations, insecure ports, software vulnerabilities, brute force attacks, and insecure passwords.
Such scans must be automatically schedulable and must be able to prioritize exposed risk relative to the needs of the environment. Only in this way can an organization remain vigilant enough to catch an unknown vulnerability before infection takes hold throughout the enterprise.
This NCC Group research found that 13% of the new vulnerabilities for the quarter were classified as critical. Unfortunately, proof-of-concept exploits were publicly available 29% of the time i.e., they could potentially be used by cybercriminals in zero-day attacks. Further, about half of the vulnerabilities for which an exploit code was accessible had no remediation patch available.
Combine Patch Management with Vulnerability Scanning
Nevertheless, it should be understood that once vulnerabilities are known, patches are made available rapidly. These are issued promptly by vendors and should be deployed at once based prioritization of their severity level. That action alone will close the door on the vast majority of insecure channels into the organization.
The Verizon Data Breach Incident Report found that new vulnerabilities are not the cause of most security havoc in the enterprise. It is old, unmitigated holes and vulnerabilities that are the most exploited.
As the report said, “one might think that more recent vulnerabilities would be more common. However, as we saw last year, it is actually the older vulnerabilities that are leading the way. These older vulnerabilities are what the attackers continue to exploit.”
Therefore, patch management should be rigorously implemented as a major line of defense. But this study from NCC Group makes it clear that patch management must be supported by regular vulnerability scanning to provide an eagle eye for brand new vectors of incursion.
This one-two punch of vulnerability scanning and patch management provides an essential defensive barrier against most potential incursions. It must be supported by adequate user training to proof employees up against phishing attacks and other social engineering scams. With these security defenses in place, organizations are in a strong position to avoid the scourge of ransomware and other malware-borne ills.
Vulnerability Scanning with Syxsense
The Syxsense vulnerability scanner is not only a complete security management package, it is automated, repeatable, and generates quick results, delivering security and safety in a timely manner.
With security scanning and patch management in one console, Syxsense Secure is the only product that not only shows you what’s wrong, but also deploys the solution. It offers visibility into OS and third-party vulnerabilities like defects, errors, or misconfigurations of components, while increasing cyber resilience with automated patching and security scans.
Start Your Free Trial of Syxsense
Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.
