The digital revolution has irrevocably changed the way we live, work and interact, propelling data protection and cybersecurity to the forefront of business. This interconnectedness has created an ever-expanding attack surface for malicious actors. For companies trying to combat these threats, there is a temptation to focus resources, effort and attention on news related to the “unknown” – threats that have yet to be fully researched or practically addressed, such as AI, new zero-day cyber threats, etc.
Naturally, identifying and mitigating these threats is an absolute priority for many security teams, especially in the age of AI, due to concerns about the scale of financial damage and operational impact they could cause. However, exploitation of known vulnerabilities (in some cases years old) remains a key cybersecurity challenge for small and medium-sized businesses (SMBs). Simply put, vulnerabilities are weaknesses in systems, applications, processes, and even human behavior that attackers can exploit to gain unauthorized access, steal sensitive data, or disrupt operations.
These vulnerabilities come in many forms. Programming errors and software flaws allow attackers to insert malicious code or circumvent security controls. Improperly configured systems and devices leave them vulnerable to unauthorized access and manipulation. Weak passwords, the bane of cybersecurity professionals, are easily cracked or stolen, allowing attackers to gain access to accounts and networks. Deceptive techniques known as social engineering can trick users into revealing sensitive information or clicking malicious links.
When vulnerabilities are exploited, the consequences can be devastating. Data breaches expose confidential customer information, intellectual property, or financial records, leading to financial loss, reputational damage, and even legal and legislative repercussions. Ransomware attacks, a growing threat, encrypt critical data and paralyze operations until a hefty ransom is paid. Disruptions from cyber attacks can cost businesses millions of dollars and significantly erode consumer trust.
Executive Director of Threat Research, SonicWall.
Vulnerability Landscape – Old Methods Still Dominate
Of course, it's still necessary to devote resources and time to identifying and mitigating new threats, but new data confirms that existing vulnerabilities remain one of the most significant cybersecurity challenges facing SMEs. SonicWall Intrusion Prevention System (IPS) data from January 2022 to March 2024 shows the top five most widespread network attacks targeting SMBs are:
- Log4j (CVE-2021-44228) (43%)
- Fortinet SSL VPN (CVE-2018-13379) (35%)
- Heartbleed (CVE-2014-0160) (35%)
- Atlassian (CVE-2021-26085) (32%)
- VMware (CVE-2021-21975) (28%)
Of the top five most widely used network attacks against SMBs, the most recent vulnerability is nearly three years old and the oldest is over 10 years old, which is primitive by the standards of the modern threat environment. This result is a stark reminder for CISOs and cybersecurity leaders not to be swayed by the latest media stories but to assess their organization's threats based on their own current threat landscape, especially the key cybersecurity risks they face.
This tactic may come as a surprise to security teams, given the level of knowledge and widespread availability of patches. However, there are several factors that make exploiting known vulnerabilities valuable to attackers. Cybercriminals often seek to take the path of least resistance when carrying out cyberattacks, meaning they will test known exploits for which they have developed particularly powerful techniques before moving on to more time-consuming, strategically planned intrusions.
For small and medium-sized businesses, especially those in highly regulated or critical industries, balancing the need to keep their existing technology stacks functioning with the cost and skill required to remediate known vulnerabilities means that many remain at risk from those vulnerabilities indefinitely. Working with a managed service provider (MSP) who can apply testing, knowledge, and industry-leading tools, and set up automated patching, is particularly attractive for SMBs.
How can small businesses mitigate the risks posed by known vulnerabilities?
Fighting cyber threats is a never-ending battle. Vulnerabilities constantly emerge and attackers relentlessly attempt to exploit them, even years after they were first identified. This underscores the importance of staying informed about threats, remediating vulnerabilities promptly, and implementing a layered security approach.
For SMBs, building a more secure digital future requires a strong cybersecurity strategy at the leadership level, combined with the intelligent use of an MSP that can mitigate the risks posed by known vulnerabilities using the gold standard of cybersecurity tools and knowledge.
Ultimately, cybersecurity leaders must adequately prioritize threats and allocate resources and time based on the degree of risk their organizations face. This prioritization is a critical step to ensuring the strongest cybersecurity possible. Doing so requires a fundamental understanding of the specific risk environment facing each industry, and means not getting caught up in the latest and most frightening AI trends.
This article was produced as part of TechRadarPro's Expert Insights channel, featuring the best and brightest minds in technology today. Opinions expressed here are those of the author and not necessarily those of TechRadarPro or Future plc.