NSFOCUS is a leading provider of enterprise-level network security solutions and services. NSFOCUS has released the annual cybersecurity insights report in April, which analyzed the overall trends, threats, and challenges in the cyber landscape. The full NSFOCUS Cybersecurity Insights for 2022 report is available here. Here are some of the key findings from the report:
- The number of new vulnerabilities discovered in 2022 increased by nearly 30% from 2021. CWE-79 vulnerabilities (cross-site scripting) still took the crown. In terms of scanning incidents, Windows MS17-010 vulnerabilities were mainly the target. As for servers, web servers were most frequently attacked, mainly via vulnerabilities in the Common Gateway Interface (CGI). When it comes to application software, more than 80% of exploits were against browser vulnerabilities.
- In 2022, the number of emerging malware families far exceeded that of previous years. New malware families were frequently seen in the cyber warfare between Russia and Ukraine and for the expansion of the Internet of Things (IoT) botnets and the competition between ransomware gangs. Special malware programs, such as cyber warfare weapons and advanced persistent threat (APT) tools, and conventional malware programs, such as IoT botnet trojans, significantly improved in customization and evolved towards function splitting and cross-platform execution.
- European and American countries were hardest hit by ransomware attacks. Government enterprises were the top targets of such attacks. Ransomware has become a type of persistent cyber threat that is moving towards commercial operations.
- In 2022, Eastern Europe was an intensely turbulent region where APT groups were also active. While the Russia-Ukraine war led to tensions between major powers in the already conflicted regions of South Asia, the Korean Peninsula, and the Middle East, APT activities were also on the rise in these regions.
- In 2022, both the number of data breaches and the amount of data leaked in a single incident reached record highs. There were three main reasons behind this: Internet exposure and misconfiguration, hacking, and cloud credential leakage. Countries around the world have strengthened punishment for data breaches.
The report also listed new botnet gangs NSFOCUS discovered in 2022, including 33T, Frosted, Fallen Leaves and Flying Flowers (Luoyefeihua), First Tower, and Vitas, as well as new DDoS attacker groups such as Tigger. In addition, NSFOCUS Security Labs discovered 14 new innovative botnet families with independent communication protocols and attack capabilities, such as BOAT, Yeskit, and RapperBot.
This report unveiled that botnet cybercriminals put more effort into concealment. NSFOCUS warned people that an increasing “Keksec Effect” had been caused by botnet gongs and botnet trojans had beem becoming increasingly stealthy. The Keksec effect is a kind of aggregation and concealment effect. More and more botnet gangs use social media to attract more “customers” to buy or rent botnets but leave Keksec tags in botnet trojans to conceal their true identities.
Cybersecurity is not only a technical challenge but also a business imperative for organizations in the digital era. We hope the insights from NSFOCUS can help you examine your current organization’s security controls and achieve greater security confidence in 2023 and beyond. If you have any questions or need assistance with a proactive and holistic approach to your network security, feel free to contact us at any time.