Rapid7 has released its latest Vulnerability Intelligence Report, which examines 50 of the most significant security vulnerabilities and high-impact cyberattacks in 2022. The report examines attacker use cases and highlights exploitation trends, as well as provides a framework for understanding new security threats as they emerge.
According to the report, attackers are developing and deploying exploits faster than ever before.
The report includes 45 vulnerabilities that were exploited in the wild, 44% of which were caused by zero-day exploits. In contrast, 56% of the vulnerabilities in the report were exploited within seven days of their public disclosure, a 12% increase over 2021 and an 87% increase over 2020.
Furthermore, the median time for exploitation in 2022 was only one day. As per the Rapid7 report, only 14 of the vulnerabilities have been exploited to carry out ransomware attacks. Despite ongoing ransomware activity, it is a 33% decrease from 2021.
The decline could imply that ransomware operations have become less reliant on security flaws, but it could also be due to other factors, such as lower reporting of ransomware incidents. Other vulnerability and exploit trends covered in this report include ransomware ecosystem complexity, network perimeter privilege escalation, and the long tail of exploitation across older vulnerabilities.
Caitlin Condon, Rapid7 vulnerability research manager and lead author of the Vulnerability Intelligence Report stated, “Rapid7’s team of vulnerability researchers work around the clock to thoroughly investigate and provide critical context into emergent threats. We produce the annual Vulnerability Intelligence Report to help organizations understand attack trends and proactively address the unique and shared threats they face. The ransomware ecosystem and the cybercrime economy have continued to mature and evolve. As a result, we saw many more ransomware families actively compromising organizations in 2022, which naturally creates challenges for threat tracking and reporting."
Security, IT, and other teams tasked with vulnerability management and risk reduction work in high-pressure, high-stakes environments where separating signal from noise is critical. When a new potential threat arises, information security professionals often need to translate vague descriptions and unproven research artefacts into actionable intelligence for their particular risk models.
Condon further concluded, “Rapid7 is known for its ongoing research initiatives that keep its customers and the broader business community safer. The company is on a mission to create a safer digital world by making cybersecurity simpler and more accessible. We empower security professionals to manage a modern attack surface through our best-in-class technology, leading-edge research, and broad, strategic expertise. Rapid7’s comprehensive security solutions help more than 10,000 global customers unite cloud risk management and threat detection to reduce attack surfaces and eliminate threats with speed and precision. The Rapid7 Insight Platform collects data from across your environment, making it easy for teams to manage vulnerabilities, monitor for malicious behavior, investigate and shut down attacks, and automate your operations.”
