- 22 July 2021 12:14
Attackers use old unpatched software vulnerabilities to target businesses - Barracuda
Analysing global data from attacks blocked by Barracuda’s systems over the past two months, Barracuda researchers reported that cybercriminals routinely probe for unpatched vulnerabilities, sometimes years after the vulnerability was initially detected. The study uncovered hundreds of thousands of automated scans and attacks per day, with those numbers sometimes spiking into the millions, as cybercriminals probe for easy entry into business networks, sometimes years after the release of patches and mitigations.
Patching is the most basic way that companies can improve their cybersecurity posture, but old versions of software still exist in organisations' IT environments. According to Barracuda, cybercriminals continue to cash in on unpatched systems knowing that defenders don’t always have the time or bandwidth to keep up with latest patches, which can provide a convenient way into an organisation’s network.
Barracuda’s study found that these attacks follow the working week, allowing attackers to stay undetected, rather than launching attacks during weekends where they are more likely to be noticed due to less system traffic. Common attack types included reconnaissance/fuzzing, and attacks against application vulnerabilities, with attacks against WordPress being the most common, along with common injection attacks against Windows.
The research also analysed the levels of HTTPS traffic and the versions of the protocols used. When it came to traffic from the worldwide deployments, the latest TLS1.3 was the clear leader, followed by TLS1.2. Some deployments are still using plain HTTP, which has a higher volume of traffic than the older and insecure SSL/TLS protocols.
Echoing Gartner’s 2020 WAF Magic Quadrant, in order to stay protected against attacks on software vulnerabilities, Barracuda recommends for organisations to employ a properly configured WAF-as-a-Service or WAAP solution that includes bot mitigation, DDoS protection, API security, and credential stuffing protection.
“The study shows that cybercriminals continue to cycle through a list of known high-impact vulnerabilities to find any gaps that can let them into a network. In order to ensure that you don’t fall victim to this kind of attack, having a robust WAF/WAF-as-a-Service solution which can help you patch all known vulnerabilities will ensure that your cybersecurity posture remains watertight, and your organisation remains protected now and in the future,” said Mark Lukie, Systems Engineer Manager, Barracuda, Asia-Pacific.