Known Vulnerabilities Are A Cyber Criminal's Best Friend
very year, the number of cyber attacks continue to set new records. While this in itself is bad news, there is a silver lining, the majority of these attacks will exploit known vulnerabilities. Yes, zero-day attacks will still happen, as will employee errors that allow hackers to access your network. Fortunately, there are solutions that will help you eliminate the risk posed by known vulnerabilities.
A recent study showed that 90% of attacks launched against companies used vulnerabilities that are three years old, while 60% were attacked with exploits that were 10 years old. This data is supported by Verizon’s DBIR report which found that 99.9% of exploited vulnerabilities had been disclosed and assigned a CVE number more than a year prior.
While these reports focus on what has happened in the past, Trend Micro’s analysis for 2018 contains one underlying theme, this year’s biggest attacks will stem from known vulnerabilities. The reason this doesn’t change is simple, cyber criminals are looking for the easiest way in. Just like criminals looking for unlocked cars in a parking lot, cyber criminals will repurpose previously created attacks against known vulnerabilities to find the lowest hanging fruit.
Look at one of last year’s biggest news gathering attacks, WannaCry. It exploited a two month old known vulnerability. Had the attack victims implemented the patch in a timely manner, they would have been protected with no impact from the attack. As long as companies don’t patch across their infrastructure in a timely fashion, known vulnerabilities will be their ‘go to’ attack vector because they are profitable and effective.
Sometimes called broad based attacks, the cost for cyber criminals to launch are minimal, with the primary cost often being that of the exploit kit. Once they have the kit, they can launch an attack quickly and easily from a single device targeting a large array of IP addresses. This is because many of today’s cyber criminals don’t have the expertise to create new attacks. And even if they do, they may not want to invest the time or money required to build, test, and launch them, when they can spend far less and be just as, if not more, successful.
The technology that has enabled employees to be more productive through (a) access to new software tools in the cloud, and (b) their ability to connect to the network from any device, anywhere in the world, is the same technology that has increased your attack surface. Unfortunately, technology hasn’t kept up from the security side, making your job harder than it’s ever been before. And with cyber attacks gaining more headlines, not only is maintaining data security harder than ever before, it’s also more scrutinized than ever before.
The best way to reduce your attack surface is to implement a cloud native endpoint protection solution. Automox is one such solution. Automox automates patch management, including remediation, and allows you the ability to customize how and when you apply patches. Utilizing a cloud native agent, you can deploy Automox across your entire infrastructure in minutes, including workstations and servers.
Once deployed, you have visibility of every endpoint, including Windows, Mac OS X, and Linux in a single dashboard. You can see the hardware and software present by individual endpoint along with outstanding patches available. From here you can elect to patch now, or you can create patch policies for specific types of vulnerabilities or groups of endpoints.
From set it and forget it simplicity to integration into your existing patch testing workflow, Automox is designed to complement your security procedures. Automating the patching process protects your ‘low hanging fruit’ from cyber criminals and improves your cyber hygiene with little effort required from your team.
Facing growing threats and a rapidly expanding attack surface, understaffed and alert-fatigued organizations need more efficient ways to eliminate their exposure to vulnerabilities. Automox is a modern cyber hygiene platform that closes the aperture of attack by more than 80% with just half the effort of traditional solutions.
Cloud-native and globally available, Automox enforces OS & third-party patch management, security configurations, and custom scripting across Windows, Mac, and Linux from a single intuitive console. IT and SecOps can quickly gain control and share visibility of on-prem, remote and virtual endpoints without the need to deploy costly infrastructure.
Experience modern, cloud-native patch management today with a 15-day free trial of Automox and start recapturing more than half the time you're currently spending on managing your attack surface. Automox dramatically reduces corporate risk while raising operational efficiency to deliver best-in-class security outcomes, faster and with fewer resources.