The digital revolution has irrevocably transformed the way we live, work and interact and has brought data protection and cybersecurity to the forefront of business concerns. This interconnectedness leads to an increasingly larger attack surface that malicious actors can target. The temptation for companies seeking to combat these threats is to focus resources, efforts and attention on headlines related to the “unknown”: AI, new zero-day cyber threats that have not yet been thoroughly studied or successfully combated in the nature. .
Naturally, for many security teams, identifying and mitigating these threats, particularly in the age of AI, will be a top priority, with concern over the scale of the financial damage and operational impact they can cause. However, for small and medium-sized businesses (SMBs), the exploitation of known vulnerabilities (sometimes several years old) continues to represent a key cybersecurity challenge. In short, vulnerabilities are weaknesses in systems, applications, processes, and even human behavior that attackers can exploit to gain unauthorized access, steal sensitive data, or disrupt operations.
These vulnerabilities come in many forms. Programming errors and software flaws can create opportunities for attackers to inject malicious code or bypass security controls. Misconfigured systems or devices leave them open to unauthorized access or tampering. Weak passwords, the bane of cybersecurity professionals everywhere, can be easily cracked or stolen, giving attackers access to accounts and networks. Deceptive tactics, known as social engineering, can trick users into revealing sensitive information or clicking on malicious links.
The consequences of exploited vulnerabilities can be devastating. Data breaches expose sensitive customer information, intellectual property, or financial records, resulting in financial loss, reputational damage, and even legal and legislative repercussions. Ransomware attacks, a growing scourge, encrypt critical data and paralyze operations until hefty ransoms are paid. The disruption caused by cyberattacks can cost businesses millions of dollars and significantly erode consumer trust.
Executive Director of Threat Research, SonicWall.
The vulnerability landscape: Older methods still dominate
Of course, it is still necessary to dedicate resources and time to identifying and mitigating new threats; However, new data confirms that existing vulnerabilities continue to represent one of the most important cybersecurity challenges facing SMEs. SonicWall intrusion prevention system (IPS) data from January 2022 to March 2024 reveals the following five most widespread network attacks targeting small businesses:
- Log4j (CVE-2021-44228) (43%)
- SSL VPN for Fortinet CVE-2018-13379 (35%)
- Heart Bleeding (CVE-2014-0160) (35%)
- Atlassian CVE-2021-26085 (32%)
- Vmware CVE-2021-21975 (28%)
Of the five most used network attacks against SMBs, the “newest” vulnerability represented was almost three years old, while the oldest were more than a decade old, which is primitive considering the modern threat environment. The results are a stark reminder to CISOs and cybersecurity leaders that they should assess organizational threats based on their own current threat landscape and, specifically, the top cybersecurity risks facing their organizations, rather than getting carried away. by the latest media rumors.
Given the level of knowledge and the wide availability of available patches, this tactic may surprise security teams. However, there are several factors that continue to make exploiting known vulnerabilities valuable to attackers. It is often the case that cybercriminals seek to take the path of least resistance when carrying out cyberattacks, which means testing known exploits, for which they have developed particularly strong techniques, before moving on to more time-intensive and strategically planned intrusions.
For SMEs, particularly those in highly regulated or critical industries, balancing the need to keep their existing technology stack running continuously with the financial cost and skills required to patch known vulnerabilities means many of them are left at risk, indefinitely. For SMBs, this makes the use of managed service providers (MSPs), who can apply testing, insights, industry-leading tools, and set up automated patches, particularly attractive.
How can SMBs reduce the risk of known exploits?
Fighting cyber threats is a never-ending exercise. Vulnerabilities emerge constantly and attackers are relentless in their attempts to exploit them, even years after first identifying them. This underscores the critical nature of staying informed about threats, patching vulnerabilities quickly, and implementing a layered security approach.
For SMBs, building a more secure digital future requires a combination of a strong cybersecurity strategy at the leadership level and the intelligent application of MSPs who can employ the gold standard in cybersecurity tools and knowledge and help reduce the risks they pose. known vulnerabilities.
Ultimately, cybersecurity leaders must ensure they sufficiently prioritize threats and allocate resources and time based specifically on the risk an organization faces. This prioritization is a key step in ensuring the strongest possible cybersecurity. This requires a fundamental understanding of the specific risk landscape facing each industry and avoiding getting caught up in the latest, scariest AI trend.
We have listed the best patch management software.
This article was produced as part of TechRadarPro's Expert Insights channel, where we feature the best and brightest minds in today's tech industry. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing, find out more here: