NEW YORK—Cyber defenders and security engineers are “suffering from fatigue caused by a surge in hackers exploiting zero-day vulnerabilities,” according to a new report.
Verizon’s 2024 Data Breach Investigations Report shows a 180% increase in successful cyberattacks targeting known flaws to gain initial access into victim networks between Nov. 1, 2022, and Oct. 31, 2023, reported Bank Info Security.
Verizon researchers based their findings on 30,458 real-world security incidents, including 10,626 confirmed data breaches, Bank Info Security said.
"Fatigue has set in over the last year for both cyber defenders and engineers," Verizon Business CISO Nasrin Rezai said at an event on the 2024 DBIR held in Washington, according to the report. "So, what can we do [for] cyber defenders? Make it more automated, give them more analytics, and give them more risk-based methods by which they can prioritize."
The Findings
The Verizon report found:
- Human error was a factor in at least 28% of assessed security incidents
- Two-thirds of confirmed breaches targeted humans in addition to systems and networks
- It takes cyber defenders nearly 55 days on average to mitigate 50% of critical vulnerabilities once patches become available, while attackers need just five days to start exploiting n-day vulnerabilities
“The report attributes the numerical increase in zero-day exploit attacks partially to the Clop ransomware group's mass exploitation of a major vulnerability found in Progress Software's MOVEit secure file transfer tool in 2023,” Bank Info Security reported. “The full impact of the largest hack of the previous year still remains unknown, but the latest analysis from security firm Emsisoft says that Clop directly or indirectly affected 2,770 organizations and exposed data pertaining to 95 million individuals.”
How to Sign Up For the Best Daily News Email in Credit Unions? (It’s Free!)
Every workday CUToday.info delivers the most comprehensive, freshest daily newsletter with the day’s news headlines, including links to the related articles. The Fresh Today newsletter is the most timely, relevant and widely-read source of news and information in the CU community. And it’s free!
If you haven’t yet signed up for the new email solution on which CUToday.info has partnered with ResponseGenius, you can do so here. Signing up requires less than one minute of your time—and it’s free!
Please note that after signing up you may need to go to your Spam/Junk folder and mark the morning headlines email as safe. CUToday.info does not provide its list of readers and emails to outside parties,
And did we mention it’s free?