Cyber criminals continue to exploit known vulnerabilities: Kaspersky

Cyber criminals continue to exploit known vulnerabilities: Kaspersky

Security vendor finds that unpatched vulnerabilities are still being taken advantage of

Cyber criminals still make extensive use of known vulnerabilities, even as zero-day attacks continue to rise.

In joint research carried out by Kaspersky Lab. and Outpost24, unpatched loopholes continue to be a popular means of carrying attacks.

Kaspersky Lab global research and analysis team senior security researcher, David Jacoby, said that this is situation is leading cyber criminals to hack the people that manage the system instead of the corporate system itself.

“The results are a wake-up call for those searching for tailored security solutions that cover the ‘threats of tomorrow,’” he said.

“It highlighted that training your staff to be prudent is just as important.”

Despite companies paying for a dedicated service to look after their security, the research found some corporate systems remained unpatched and vulnerable for a decade.

Even so, Jacoby said that hotels and privately owned companies have so far “shown a greater awareness and security” than government organisations.

A global issue

Outpost24 chief security officer, Martin Jartelius, said the joint research highlights how unsophisticated attacks on corporate networks can have an effect without resorting to expensive zero-day exploits.

“Whether it’s exploiting poor security practices, misconfigured security devices or staff that lack security training, companies should understand that it is possible to gain control of most parts of the organisation, even though no new attacks or methods are used,” he said.

Jartelius adds that the time from when a vulnerability is detected to when it is patched is “almost uniform in every country,” indicating that this is a global trend.

“It is therefore essential to shift the approach to security from stand-alone tools to integrated solutions as part of business processes,” he said.

Patrick Budmar covers consumer and enterprise technology breaking news for IDG Communications. Follow Patrick on Twitter at @patrick_budmar.

Follow Us

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags exploits and vulnerabilitieskaspersky labs


ARN Innovation Awards 2022

Innovation Awards is the market-leading awards program for celebrating ecosystem innovation and excellence across the technology sector in Australia.

EDGE 2022

EDGE is the leading technology conference for business leaders in Australia and New Zealand, built on the foundations of collaboration, education and advancement.

Show Comments