Over 22 billion records exposed worldwide in 2020: Report

Hemani Sheth Mumbai | Updated on January 15, 2021

35% of breaches linked to ransomware attacks that resulted in ‘tremendous financial cost’: Tenable’s 2020 Threat Landscape Retrospective (TLR) report

An analysis of breach data by cybersecurity firm Tenable’s Security Response Team (SRT) has revealed that over 22 billion records were exposed worldwide as a result of 730 publicly disclosed security events from January through October 2020.

According to Tenable’s 2020 Threat Landscape Retrospective (TLR) report, 35 per cent of breaches analysed by Tenable were linked to ransomware attacks. These breaches have resulted in a “tremendous financial cost.”

Fourteen per cent of these breaches were the result of email compromises.

Also read: Quick Heal invests $2 m into Israeli startup

“One of the overarching themes of the threat landscape in 2020 was that threat actors relied on unpatched vulnerabilities in their attacks as well as chaining together multiple vulnerabilities as part of their attacks,” Tenable said.

The number of reported common vulnerabilities and exposures (CVEs) has increased by 6 per cent in 2020, compared to 2019, amounting to 18,358. As per the report, prioritising the vulnerabilities that require the most attention is more challenging than ever.

The report further found that pre-existing vulnerabilities in virtual private network (VPN) solutions are among the top targets for cybercriminals and nation-state groups.

Apart from this, cybercriminals are also increasingly targeting web browsers like Google Chrome, Mozilla Firefox, Internet Explorer and Microsoft Edge. Zero-day vulnerabilities targeting web browsers accounted for over 35 per cent of all zero-day vulnerabilities exploited.

Satnam Narang, Staff Research Engineer at Tenable, said, “A complex threat landscape, highly motivated threat actors and readily available exploit code translate into serious cyber attacks as reflected in this report. Many of the tactics used by bad actors are not sophisticated or didn’t require flexing too many mental muscles, making it more important than ever to patch vulnerabilities in a timely manner.”

Also read: ‘Organisations can take at least 93 days to realise hacking has taken place’

“To adapt in a digital and distributed world, every industry sector and business model is reliant on technology. Hence, pausing for a retrospective provides cybersecurity professionals with an important opportunity to identify gaps and refine strategies to make their organisations more secure. In 2021, it’s essential that we have the tools, awareness and intelligence to effectively reduce risk and eliminate blind spots. It’s only through looking at where we’ve come from that we can effectively plan for what lies ahead,” he added.

Published on January 15, 2021

Follow us on Telegram, Facebook, Twitter, Instagram, YouTube and Linkedin. You can also download our Android App or IOS App.

This article is closed for comments.
Please Email the Editor

You May Also Like