2 min

Cybercriminals are more likely to attack vulnerabilities with a high CVE score within seven days. These are the top one percent of bugs in terms of severity.

Common vulnerabilities and exposures (CVEs) with a high vulnerability score are exploited with 327 times greater likelihood within seven days of publication. This finding can help cybersecurity teams in organizations prioritize patches.

The finding comes from FortiGuard Labs’ latest Global Threat Landscape report. The conclusion was made based on an analysis of data for a six-year period, during which more than 11,000 vulnerabilities were published.

Fewer ransomware attacks

During the first half of 2023, researchers also noticed that fewer organizations were affected by ransomware than compared to all of 2022. Instead of launching many ransomware attacks, hackers are becoming more targeted. According to the researchers, cybercriminals aim for a higher return on investment.

The number of malware families is growing steadily, though. In the past five years, the number of malware families that found their way into at least 10 percent of all organizations is said to have doubled.

Also read: Akira ransomware is new cash cow for Conti criminals

Compromised longer

Finally, the study again shows that corporate networks are being compromised longer. FortiGuard Labs looked specifically at the number of active days of botnets. The definition within this study is the time that elapses between the first and last time a botnet scans a security sensor. In the first six months of 2023, it took an average of 83 days for communication between bots and their command and control (C2) server to be broken. Compared to five years ago, the number of active days increased by a factor of a thousand. Security teams can factor this in when evaluating the importance of rapid incident response.