Google’s Project Zero and Mandiant Threat Intelligence Publish Reports on Zero-Day Trends

Last week, Google Project Zero and Mandiant published two separate papers detailing the rising trend of zero-day exploits used in recent cyber attacks. A zero-day exploit is a security flaw that is actively exploited by hackers prior to the release of a security fix. Together, the two studies paint a picture of how zero-day vulnerabilities fit into the new cyber-threat ecosystem.

Financially Motivated Attacks Are Increasing

Mandiant stated in their April 21 report that zero-day exploitation is increasing, with an all-time high of eighty zero-days exploited in 2021. Prior to this, the most they had seen in a year was thirty-two in 2019 and thirty in 2020. They're also witnessing a wider range of attacks, with more commercially oriented attackers exploiting zero days than just state-sponsored espionage groups. According to Mandiant, state-sponsored groups are still the most common attackers, but financially motivated attacks are on the rise, accounting for one out of every three events, with huge tech companies like Microsoft, Apple, and Google being the most frequently targeted.

More Connected Devices Means More Attacks

Mandiant feels that this expansion is the result of a combination of causes. Due to the sheer proliferation of new devices and internet-connected systems, there are more zero days available for use. Exploit brokers are allocating resources toward zero-day research and development, and stronger security means better detection, so enterprises can spot these types of assaults at a higher rate with better visibility. It also means that the range of attacks is getting bigger because there are more devices out there to attack. So, more businesses should be putting more defences in place.

In Google’s Project Zero report, 2021 was also a record year for zero-day exploitation, with a total of fifty-eight disclosures. This was slightly more than double the prior forecast for 2020, which was twenty-five. Like Mandiant, Project Zero attributes this growth to improved detection and disclosure, rather than simply increased consumption. According to Project Zero, in most cases, attackers use traditional approaches to exploit vulnerabilities, so they do not have to spend money creating and designing new techniques if they do not have to. As a result, zero days aren't very expensive for attackers to set up or buy, which may be why more financially motivated criminals are using them.

Stay Protected

Zero-day attacks are an unavoidable reality. Attackers take advantage of security holes that software developers are unaware of. So, it's even more critical to have a professional security team design defence measures to protect your firm from modern attackers. MYDWARE always stays one step ahead of the attackers. We know about network faults and cyber risks before you do. In order to prevent damage or downtime, we use cutting-edge technology to manage and monitor your network's uptime and security. We will also notify you if your personal, employee, or company data is sold on the dark web. Set up a consultation with us today and keep your business protected from modern cyber-threats.

Sources: [1],[2],[3]