Study: Great danger from old weak points

Share post

Trend Micro Study: Old vulnerabilities pose great risk. Around a quarter of the exploits traded in the cybercriminal underground are over three years old.

Trend Micro, one of the world's leading providers of cybersecurity solutions, publishes a new study calling on companies to focus their patching measures on the vulnerabilities that pose the greatest risk to their business - even if they are several years old are.

3 year old exploits are still sought after

Trend Micro Research found that 22 percent of exploits traded on underground forums are more than three years old. The report highlights several risks from legacy exploits and vulnerabilities, including:

  • The oldest exploit sold underground was for CVE-2012-0158, a so-called Microsoft Remote Code Execution Exploit (RCE) from 2012.
  • CVE-2016-5195, better known as the "Dirty Cow Exploit", remains current even after five years.
  • In 2020, WannaCry was still the most widely reported malware family in circulation, with over 2021 infected devices worldwide as of March 700.000. WannaCry has been spreading since 2017.
  • 47 percent of cyber criminals targeted Microsoft products in the past two years.

“Cyber ​​criminals know that companies have difficulty patching their systems as quickly as possible and prioritizing this process. Our research shows that patch delays are often exploited, ”explains Richard Werner, Business Consultant at Trend Micro. “The lifespan of a vulnerability or an exploit does not depend on when a protective patch is available. Rather, older exploits are cheaper and may therefore be more popular with attackers who shop in underground forums. Virtual patching is the best way to minimize the risks of known and unknown threats to businesses. "

Decrease in zero-day and n-day vulnerabilities

Products affected by exploits traded in cybercriminal underground forums (Image: Trend Micro)

The study also shows a decline in the market for zero-day and n-day vulnerabilities over the past two years. This development is due in no small part to the popularity of bug bounty programs such as Trend Micro's Zero Day Initiative. The rise of Access-as-a-Service, the new driver in the exploit market, is also having an impact. Access-as-a-Service describes the sale of illegal access to previously hacked (corporate) networks or devices on virtual underground marketplaces. This “service” has the advantages of an exploit, but all of the laborious work of gaining access to systems has already been done for the buyer. The underground prices start at less than 1.000 euros.

50 new vulnerabilities per day

These current developments lead to greater risk for companies. With nearly 50 new known Common Vulnerabilities and Exposures (CVEs) released per day in 2020, the pressure on security teams to prioritize patches and deliver them in a timely manner has never been greater. It currently takes an average of almost 51 days for a company to patch a new vulnerability. One possibility to close this protection gap is virtual patching. By using this technology in intrusion prevention systems (IPS), companies can protect their systems against both known and previously unknown threats.

The full report, The Rise and Fall of the N-day Exploit Market in Cybercriminal Underground, is available online in English.

More at TrendMicro.com

 


About Trend Micro

As one of the world's leading providers of IT security, Trend Micro helps create a secure world for digital data exchange. With over 30 years of security expertise, global threat research, and constant innovation, Trend Micro offers protection for businesses, government agencies, and consumers. Thanks to our XGen™ security strategy, our solutions benefit from a cross-generational combination of defense techniques optimized for leading-edge environments. Networked threat information enables better and faster protection. Optimized for cloud workloads, endpoints, email, the IIoT and networks, our connected solutions provide centralized visibility across the entire enterprise for faster threat detection and response.


 

Matching articles on the topic

IT security: NIS-2 makes it a top priority

Only in a quarter of German companies do management take responsibility for IT security. Especially in smaller companies ➡ Read more

Cyber ​​attacks increase by 104 percent in 2023

A cybersecurity company has taken a look at last year's threat landscape. The results provide crucial insights into ➡ Read more

IT security: Basis for LockBit 4.0 defused

Trend Micro, working with the UK's National Crime Agency (NCA), analyzed the unpublished version that was in development ➡ Read more

Mobile spyware poses a threat to businesses

More and more people are using mobile devices both in everyday life and in companies. This also reduces the risk of “mobile ➡ Read more

Crowdsourced security pinpoints many vulnerabilities

Crowdsourced security has increased significantly in the last year. In the public sector, 151 percent more vulnerabilities were reported than in the previous year. ➡ Read more

Digital Security: Consumers trust banks the most

A digital trust survey showed that banks, healthcare and government are the most trusted by consumers. The media- ➡ Read more

Vulnerabilities in medical devices

One in four medical devices (23%) has a vulnerability from the US cyber security agency CISA's Known Exploited Vulnerabilities (KEV) catalog. In addition, there are ➡ Read more

Darknet job exchange: Hackers are looking for renegade insiders

The Darknet is not only an exchange for illegal goods, but also a place where hackers look for new accomplices ➡ Read more