Nearly half of last year's zero-days targeted enterprise devices: Google
What's the story
A recent report by Google has revealed a worrying trend in cybersecurity. The search and security giant found that nearly half of the zero-day vulnerabilities it tracked last year targeted enterprise devices. Zero-days are flaws in software that are unknown to its creator at the time of exploitation. This marks a new high for hackers, who are increasingly finding new ways to target large companies and steal their data.
Targeted tech
Security and networking devices were most vulnerable
According to the report, nearly half of the zero-day vulnerabilities were in technologies used by corporations and large businesses. Alarmingly, a significant number of these flaws were discovered in security and networking devices such as firewalls from Cisco and Fortinet, and VPNs (virtual private networks) and virtualization platforms from Ivanti and VMware. All four companies have confirmed that hackers have exploited their products on customer networks in recent months.
Exploit methods
Hackers exploited incomplete authorizations and input validation bugs
Google's researchers found that hackers exploited common flaws such as input validation bugs and incomplete authorization checks. These were used to break through firewall and VPN defenses, giving the attackers access to customer networks. While these bugs are generally easier to exploit, they usually require a software update to fix. The report also highlighted other buggy software accounting for the remaining half of enterprise zero-days.
Data breach
Clop extortion gang hacked Oracle's software used by several companies
The report also highlighted the Clop extortion gang's campaign against Oracle E-Business Suite customers. The campaign allowed hackers to steal massive amounts of human resources data about staff and executives from dozens of companies. The hacks impacted several organizations, including Harvard University, American Airlines subsidiary Envoy, and The Washington Post, among others.
Consumer impact
Mobile operating systems saw more zero-days than ever before
The report found that 52% of zero-day bugs were found in consumer and end-user products such as those made by Microsoft, Google, and Apple. Most of these vulnerabilities were discovered in operating systems, with mobile devices seeing more zero-days than in previous years. This shows that even consumer tech is not safe from potential cyber threats.
Vendor shift
Shift in how governments seek access to hacking tools
Google also linked more zero-days to surveillance vendors than to traditional government-backed espionage groups. Surveillance vendors are usually spyware makers and exploit developers who work on behalf of governments to hack into people's phones. The company said this shift shows "a slow but sure movement in the landscape" in how governments seek access to hacking tools.