Coalition, the world’s first Active Insurance provider designed to prevent digital risk before it strikes, today published its first annual Coalition Cyber Threat Index, detailing insights on cybersecurity trends from 2022 and what emerging cyber threats are on the horizon to better prepare businesses for 2023.
Based on data from the last ten years, Coalition predicts more than 1,900 new Common Vulnerabilities and Exposures (CVEs) per month in 2023, including 270 high-severity and 155 critical-severity vulnerabilities — a 13% increase in average monthly CVEs from published 2022 levels.
Coalition also reported:
- For most CVEs, the time to exploit is within 90 days of public disclosure, with the majority exploited within the first 30 days.
- 94% of organizations scanned in the last year have at least one unencrypted service exposed to the internet.
- Remote Desktop Protocol (RDP) remains cyber-attackers’ most commonly scanned protocol, meaning they still leverage old protocols with new vulnerabilities to gain access to systems.
- Elasticsearch and MongoDB databases have a high rate of compromise, with signals showing that a large number have been captured by ransomware attacks.
“The reality is that the number of security vulnerabilities and breaches are consistently increasing —from 1,000 in 2002 to over 23,000 in 2022. Defenders are fighting a battle on all sides and at all times,” said Tiago Henriques, Coalition’s Vice President of Security Research. “We produced this report to provide as much information as possible for organizations to learn from. With the overwhelming volume of vulnerabilities and lack of IT staff, cybersecurity experts need a way to evaluate each vulnerability’s risk so they can prioritize what to address.”
Coalition compiled its 2023 Cyber Threat Index based on critical information gathered from its active risk management and reduction technology that combines data from underwriting and claims, internet scans, and Coalition’s global network of honeypot sensors. Coalition’s scanning data includes over 5.2 billion IP addresses. Its honeypots, used to observe attacks from the inside and develop a deeper understanding of attackers’ techniques, span over 22,000 events and multiple geo-distributed IP addresses.
In light of these findings, Coalition recommends that organizations and their security and IT teams prioritize applying updates on public-facing infrastructure and internet-facing software within 30 days of a patch’s release and follow regular upgrade cycles to mitigate vulnerabilities in older software to prepare for the looming 2023 threats.
“Cybersecurity professionals must be more alert than ever to vulnerabilities that already exist within their networks and assets. Attackers are becoming increasingly sophisticated and have become experts at exploiting commonly used systems and technologies,” continued Henriques. “Organizations must ensure they use secure communication protocols to access their data and that those services have enforced multifactor authentication. Taking steps like these to improve your basic security hygiene is crucial to improving your overall defence posture.”
Be the first to comment