New samples of ransomware rose year-over-year by 106 percent. Trojans increased by 128 percent, with the use of trojans by threat actors to exploit vulnerabilities of lower severity.
FREMONT, CA: Skybox Security, a global leader in security posture management, has declared the release of its 2021 Vulnerability and Threat Trends Report. Skybox Research Lab unveiled a massive increase in cyber threats globally year-over-year, boosted by both the pandemic and expanding attack surfaces.
"Security leaders face significant challenges, yet they are not impossible to overcome. Now is the moment when cybersecurity can come of age," stated Gidi Cohen, CEO and founder, Skybox Security. "Together, we can zero in on what matters to outsmart attackers and overcome security's most enduring challenges. Strong security posture management is a competitive advantage that can position companies for return to growth in a post-pandemic economy."
Skybox Research Lab key findings
• New malware samples increased significantly: New samples of ransomware rose year-over-year by 106 percent. Trojans increased by 128 percent, with the use of trojans by threat actors to exploit vulnerabilities of lower severity. The standard has been complex, multi-staged attacks and malware-as-a-service.
• Vulnerabilities reached a new high: In 2020, 18,341 new vulnerabilities were identified by Skybox Research Lab. Security and risk leaders need advanced visibility into which vulnerabilities are high-risk and remediation solutions for all assets, including non-patching options, in order to stay ahead of attacks.
• Critical infrastructure has never been more vulnerable: Vulnerabilities in operational technology (OT) increased 30 percent year-over-year. Protection systems need to develop to define and remediate essential attack vectors ahead of incidents. Control of security postures must extend from IT to OT environments.
• Industry 4.0 spreads supply chain risks: Flaws in the Industrial Internet of Things (IIoT) rose 308 percent year-over-year. With parts from hundreds of suppliers, a single IIoT device always ships, lacking transparency in the supply chain. In order to resolve integration across various networked environments, organizations have to understand modeling, risk and attack vectors across organizational boundaries.