Analyzing global data from attacks blocked by Barracuda’s systems over the past two months, the company’s researchers reported that cybercriminals routinely probe for unpatched vulnerabilities, sometimes years after the vulnerability was initially detected.
The recent study conducted by cybersecurity firm Barracuda uncovered hundreds of thousands of automated scans and attacks per day, with those numbers sometimes spiking into the millions, as cybercriminals probe for easy entry into business networks, sometimes years after the release of patches and mitigations.
Patching is the most basic way that companies can improve their cybersecurity posture, but old versions of software still exist in organizations’ IT environments. According to Barracuda, cybercriminals continue to cash in on unpatched systems, knowing that defenders don’t always have the time or bandwidth to keep up with the latest patches, and that such systems can provide a convenient way into an organization’s network.
Barracuda’s study found that these attacks follow the working week, allowing attackers to stay undetected, rather than launching attacks during weekends, when they are more likely to be noticed because of lower system traffic. Common attack types included reconnaissance or fuzzing, and attacks against application vulnerabilities, with attacks against WordPress being the most common, along with common injection attacks against Windows.
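A defender reading this will want to know whether the same pattern (blocked traffic following the working week, dominated by WordPress probes, reconnaissance/fuzzing and injection attempts) shows up in their own WAF data. The script below is an added example, not Barracuda’s code or data: it parses a constructed, simplified block-log format, assigns each blocked request to one of the categories the study names using illustrative path patterns, and counts events by working day versus weekend and by category. The log format, the sample lines, and the category rules are all assumptions made for this example.

```python
# Added example: summarize blocked-request log lines by working day vs weekend
# and by attack category, to check for the "follows the working week" pattern
# described in the article. The log format, sample lines and category rules
# below are constructed for this example and are not a vendor's format or
# signature set.
from collections import Counter
from datetime import datetime
import re

# Constructed sample lines: "<ISO timestamp> <source ip> <method> <path> <action>"
# Dates: 2020-08-03 is a Monday, 2020-08-08/09 are Saturday/Sunday.
SAMPLE_LOG = """\
2020-08-03T09:14:02Z 203.0.113.5 GET /wp-login.php BLOCKED
2020-08-03T09:14:05Z 203.0.113.5 GET /xmlrpc.php BLOCKED
2020-08-04T11:02:44Z 198.51.100.7 GET /index.php?id=1%27%20OR%201=1 BLOCKED
2020-08-05T14:30:01Z 198.51.100.9 GET /.env BLOCKED
2020-08-05T14:30:02Z 198.51.100.9 GET /admin/ BLOCKED
2020-08-08T03:12:10Z 192.0.2.11 GET /wp-content/plugins/ BLOCKED
2020-08-09T22:45:19Z 192.0.2.12 GET /phpinfo.php BLOCKED
"""

LINE_RE = re.compile(r"^(\S+) (\S+) (\S+) (\S+) (\S+)$")

# Illustrative category rules; first match wins. Real deployments would use
# the WAF's own rule/category field rather than re-deriving it from the path.
WORDPRESS_RE = re.compile(
    r"^/(wp-login\.php|xmlrpc\.php|wp-admin|wp-content|wp-includes)(/|$|\?)"
)
INJECTION_RE = re.compile(r"(%27|'|%22|\"|UNION|SELECT|<script)", re.IGNORECASE)
RECON_PATHS = {"/.env", "/admin/", "/phpinfo.php", "/.git/config", "/server-status"}


def classify(path):
    """Map a blocked request path to one of the categories the study names."""
    if WORDPRESS_RE.search(path):
        return "wordpress"
    if INJECTION_RE.search(path):
        return "injection"
    if path in RECON_PATHS:
        return "recon_fuzz"
    return "other"


def parse_line(line):
    """Parse one constructed log line; return None for lines that do not match."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts, src, method, path, action = m.groups()
    when = datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ")
    return {
        "when": when,
        "src": src,
        "method": method,
        "path": path,
        "action": action,
        "category": classify(path),
        "weekday": when.weekday() < 5,  # Monday=0 ... Friday=4
    }


def summarize(log_text):
    """Count BLOCKED events by working day vs weekend and by category."""
    by_day = Counter()
    by_cat = Counter()
    for line in log_text.splitlines():
        ev = parse_line(line)
        if ev is None or ev["action"] != "BLOCKED":
            continue
        by_day["weekday" if ev["weekday"] else "weekend"] += 1
        by_cat[ev["category"]] += 1
    return by_day, by_cat


if __name__ == "__main__":
    days, cats = summarize(SAMPLE_LOG)
    print("by day:", dict(days))
    print("by category:", dict(cats))
```

On the constructed sample this reports five blocked events on working days against two at the weekend, and three WordPress probes, three reconnaissance paths and one injection attempt; run against a real export, a weekday skew in blocked volume is the signal the article describes, and a weekend spike is the kind of anomaly worth alerting on.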
“The study shows that cybercriminals continue to cycle through a list of known high-impact vulnerabilities to find any gaps that can let them into a network,” said Mark Lukie, systems engineer manager, Barracuda, Asia-Pacific. “In order to ensure that you don’t fall victim to this kind of attack, having a robust WAF/WAF-as-a-Service solution that can help you patch all known vulnerabilities will ensure that your cybersecurity posture remains watertight, and your organization remains protected now and in the future.”
Echoing Gartner’s 2020 WAF Magic Quadrant, Barracuda recommends that, to stay protected against attacks on software vulnerabilities, organizations employ a properly configured WAF-as-a-Service or WAAP solution that includes bot mitigation, DDoS protection, API security, and credential stuffing protection.