Cyber insurance provider Coalition said it expects the total number of common vulnerabilities and exposures (CVEs) to increase by 25 percent in 2024 to 34,888 vulnerabilities, or roughly 2,900 per month.
The InsurTech’s Cyber Threat Index 2024 detailed cybersecurity trends from 2023 and emerging threats businesses should be aware of in 2024. Coalition said the volume of vulnerabilities discovered has steadily increased since the 1990s, with the number of CVEs surging 500 percent since 2016.
“New vulnerabilities are published at a rapid rate and growing. With an influx of new vulnerabilities, often sprouting via disparate flagging systems, the cyber risk ecosystem is hard to track,” said Tiago Henriques, Coalition’s head of research. “Most organizations are experiencing alert fatigue and confusion about what to patch first to limit their overall exposure and risk.”
Key findings from the report include:
- Unique IP addresses scanning for Remote Desktop Protocol (RDP), a secure network communication protocol offered by Microsoft, increased by 59 percent. Businesses with RDP exposed to the internet are the most likely to experience a ransomware event.
- Scans found that around 10,000 businesses are running the end-of-life (EOL) database Microsoft SQL Server 2000, and over 100,000 businesses are running EOL Microsoft SQL servers. This indicates that a product has reached the end of its life cycle, and servicing and support are no longer available, leaving it vulnerable during its remaining lifetime and during migration and upgrades.
- Honeypot (sensor) activity spiked by 1,000% 16 days before Progress Software issued its MOVEit security advisory. A honeypot is a network-attached system used as a decoy to lure cyber attackers. It then collects information and notifies defenders of access attempts by unauthorized users.
Coalition recommends organizations address influx of vulnerabilities and exposures with human-managed detection and response tools.
“We’re at the point where just setting and forgetting a technology solution is not enough anymore, and experts need to be involved in vulnerability and risk management,” said John Roberts, general manager, security. “With managed detection and response, after technology detects suspicious activity, human experts can intervene in numerous ways, including isolating impacted machines or revoking privileges. Coalition has experience doing exactly this to stop cyber criminals mid-attack.”