90% of Orgs Record Exploits for Vulnerabilities More than Three Years Old

90% of Orgs Record Exploits for Vulnerabilities More than Three Years Old

A new report from Fortinet has revealed that, in Q2 2017, 90% of organizations recorded exploits for vulnerabilities that were three or more years old. Even after 10 or more years following a flaw’s release, 60% of companies still experienced related attacks, the firm discovered.

“This is highly concerning,” Richard Absalom, senior analyst at Information Security Forum, told Infosecurity. “Organizations are still not getting to grips with well-known vulnerabilities and taking basic steps (e.g. patching) to reduce them. A number of factors might cause such slow reactions: from infosec departments being under-resourced, to organizations running old systems that would need to be temporarily shut down in order to be patched.”

Fortinet also claimed that poor security hygiene and risky application usage are enabling cyber-criminals to carry out destructive worm-like attacks that take advantage of exploits at record speed, with adversaries spending less time developing ways to break in. Instead they are focusing on leveraging automated and intent-based tools to infiltrate with more impact to business continuity.

In fact, almost 44% of all exploit attempts occurred on either Saturday or Sunday, showing that automated threats do not take weekends or nights off.

“Newer worm-like capabilities spread infections at a rapid pace and can scale more easily across platforms or vectors,” said Phil Quade, chief information security officer, Fortinet. “Intent-based security approaches that leverage the power of automation and integration are critical to combat this new ‘normal’.”

“You don’t need to look very far into the past to see the impact of a worm attack,” added Absalom. “NotPetya caused severe disruption to operations in many organizations, bringing some to almost a complete halt. For a lot of organizations, it took weeks to recover – some are still dealing with the impact, close to two months since the malware was released.”

Source: Information Security Magazine