Every year, the number of cyber attacks continue to set new records. While this in itself is bad news, there is a silver lining, the majority of these attacks will exploit known vulnerabilities. Yes, zero-day attacks will still happen, as will employee errors that allow hackers to access your network. Fortunately, there are solutions that will help you eliminate the risk posed by known vulnerabilities.
A recent study showed that 90% of attacks launched against companies used vulnerabilities that are three years old, while 60% were attacked with exploits that were 10 years old. This data is supported by Verizon’s DBIR report which found that 99.9% of exploited vulnerabilities had been disclosed and assigned a CVE number more than a year prior.
While these reports focus on what has happened in the past, Trend Micro’s analysis for 2018 contains one underlying theme, this year’s biggest attacks will stem from known vulnerabilities. The reason this doesn’t change is simple, cyber criminals are looking for the easiest way in. Just like criminals looking for unlocked cars in a parking lot, cyber criminals will repurpose previously created attacks against known vulnerabilities to find the lowest hanging fruit.
Look at one of last year’s biggest news gathering attacks, WannaCry. It exploited a two month old known vulnerability. Had the attack victims implemented the patch in a timely manner, they would have been protected with no impact from the attack. As long as companies don’t patch across their infrastructure in a timely fashion, known vulnerabilities will be their ‘go to’ attack vector because they are profitable and effective.
Sometimes called broad based attacks, the cost for cyber criminals to launch are minimal, with the primary cost often being that of the exploit kit. Once they have the kit, they can launch an attack quickly and easily from a single device targeting a large array of IP addresses. This is because many of today’s cyber criminals don’t have the expertise to create new attacks. And even if they do, they may not want to invest the time or money required to build, test, and launch them, when they can spend far less and be just as, if not more, successful.
The technology that has enabled employees to be more productive through (a) access to new software tools in the cloud, and (b) their ability to connect to the network from any device, anywhere in the world, is the same technology that has increased your attack surface. Unfortunately, technology hasn’t kept up from the security side, making your job harder than it’s ever been before. And with cyber attacks gaining more headlines, not only is maintaining data security harder than ever before, it’s also more scrutinized than ever before.
The best way to reduce your attack surface is to implement a cloud based endpoint protection solution. Automox is one such solution. Automox automates patch management, including remediation, and allows you the ability to customize how and when you apply patches. Utilizing a cloud based agent, you can deploy Automox across your entire infrastructure in minutes, including workstations and servers.
Once deployed, you have visibility of every endpoint, including Windows, Mac OS X, and Linux in a single dashboard. You can see the hardware and software present by individual endpoint along with outstanding patches available. From here you can elect to patch now, or you can create patch policies for specific types of vulnerabilities or groups of endpoints.
From set it and forget it simplicity to integration into your existing patch testing workflow, Automox is designed to complement your security procedures. Automating the patching process protects your ‘low hanging fruit’ from cyber criminals and improves your cyber hygiene with little effort required from your team.
Instead of being the next company to make headlines for a known vulnerability breach because you haven’t had time to patch, you can be silently going about your day to day business knowing your infrastructure is current with CVE’s. To try Automox for yourself, sign up for our free 15-day trial. You’ll have full platform access with no endpoint limit and no credit card is required.