The vulnerabilities are present in all types of operating systems and devices. It is a problem that we constantly have to face. Hackers can take advantage of this to attack computers. However, not all failures are the same. In this article we echo a report that shows how more than half of the vulnerabilities during 2020 were categorized as serious or very serious.
Most vulnerabilities are serious or very serious
A vulnerability can be classified as low, medium or high risk, basically. Some are very difficult to exploit and if they succeed the attackers are not going to get much out of it. On the other hand, others may be easier to exploit and even pose a real danger to the privacy and security of users.
This makes it more important than ever to keep computers protected and up-to-date to correct vulnerabilities. A report by NIST indicates that during 2020 they detected about 18,000 vulnerabilities. Of these, more than 10,000 were classified as serious or very serious.
Therefore, more than half of the vulnerabilities in the past year were severe or very severe. The computer security researchers alert to this problem and urge all types of organizations and also private users to keep the equipment patched at all times.
Specifically, they detected 18,103 vulnerabilities , of which 10,342 were rated at least as serious. Especially noteworthy is the increase in vulnerabilities of low complexity and that do not need user interaction to be exploited. This makes the task much easier for cybercriminals.
In fact, vulnerabilities considered low complexity represented 63% of the total in 2020. Those that did not need the interaction of the victim were 68% of all the vulnerabilities they found. Figures that are undoubtedly more than important and show the need to properly protect equipment.
Large increase in physical vulnerabilities
Another important point of this report is that during 2020 there was a large increase in physical vulnerabilities, mainly due to the rise of IoT devices and smart equipment .
They also warned that vulnerabilities that appear to be low risk should not be underestimated. They indicate that attackers can move from one vulnerability to another as if they were layers and thus be able to achieve their final objective.
To help stay protected, IT security teams need to identify vulnerabilities , prioritize security, and always keep equipment patched. The latter is essential, since having the systems correctly updated, with all the appropriate security changes, will be essential so as not to compromise privacy and proper functioning. It is essential to keep your devices up to date at all times.
But many of these vulnerabilities are not detected or take time to be published, so the updates are not immediate. Hence, it is also a good idea to use supplemental controls, such as continuous network monitoring for possible anomalies. All this makes possible risks are mitigated and our security and privacy are always safe.