According to research by Tenable, at least 40,417,167,937 records were exposed globally in 2021, calculated by analyzing 1,825 publicly disclosed data breach incidents between November 2020 and October 2021. This is a considerable increase from the same period in 2020, which saw 730 publicly disclosed events with just over 22 billion records exposed.
By understanding threat actor behavior, organizations can effectively prioritize security efforts to disrupt attack paths and protect critical systems and assets. Analysis of events for this report revealed that many are easily mitigated by patching legacy vulnerabilities and fixing misconfigurations to help limit attack paths.
- Ransomware had a monumental impact on organizations in 2021, responsible for approximately 38% of all breaches.
- 6% of breaches were the result of insecure cloud databases.
- Unpatched SSL VPNs continue to provide an ideal entry point for attackers to perform cyber espionage, exfiltrate sensitive and proprietary information, and encrypt networks.
- Threat groups, especially ransomware groups, are increasingly exploiting vulnerabilities and misconfigurations in Active Directory.
- Software libraries and networking stacks commonly used among OT devices often introduce additional risk when security checks and code audits are not in place.
- Ransomware groups have favored physical disruption of the supply chain as a tactic to extort payments, while cyber espionage campaigns have exploited the software supply chain to gain access to sensitive data.
- Health and education have been the most disrupted by data breaches.
“The migration to cloud platforms, reliance on managed service providers, software, and infrastructure-as-a-service have all changed the way organizations need to think about and secure the perimeter,” says Claire Tills, Senior Research Engineer, Tenable.
“Modern security managers and practitioners need to think more holistically about the attack pathways that exist within their networks and how they can effectively disrupt them. By examining the behavior of threat actors, we can understand which attack paths are most successful and leverage this information to define an effective security strategy.”
Staying on top of patches is hard enough given the sheer volume of disclosed vulnerabilities, but in 2021 it was even harder due to incomplete patches, poor vendor communications, and patch bypasses.
In 2021, 21,957 common vulnerabilities and exposures (CVEs) were reported, representing a 19.6% increase from the 18,358 reported in 2020 and a 241% increase from the 6,447 disclosed in 2016. From 2016 to 2021, the number of CVEs increased at an average annual percentage growth rate of 28.3%.