Security holes are exploited by hackers very quickly in 2022
Sat Jul 30 2022
Only 15 minutes after a security vulnerability was announced, hackers began scanning and attacking enterprise information systems.
While hackers launch attacks faster and faster, system administrators have too little time to fix security holes. This is the finding of the 2022 incident response report from Palo Alto (an American multinational cybersecurity company based in Santa Clara). Its statistics show that only 15 minutes after a vulnerability is listed on the CVE list, hackers have begun to search the Internet for systems where this vulnerability exists.
Scanning for vulnerable targets is a simple process
According to Bleeping Computer, the scanning process is not complicated, and even a low-skilled hacker can perform it to find potential targets. They then sell their results on black market websites, where other hackers can exploit them further. Within the next few hours, a few sites or apps have finished patching, but most have made little progress on the security issue by that point.
"It's a race between defenders and attackers. Latency on both sides is decreasing year by year," commented Bleeping Computer.
For example, CVE-2022-1388 is a vulnerability that allows remote command execution on F5 BIG-IP products. Just 10 hours after it was announced on May 4, 2022, cybersecurity monitoring had already detected more than 2,500 scans and attacks against systems around the world.
Hackers focus on exploiting security holes in popular web platforms and apps
Palo Alto's report also shows that hackers often attack the online platforms used by the most customers, because this is where there are more vulnerabilities to attack. In fact, more than 55% of the attacks on the ProxyShell vulnerability in the first half of 2022 exploited Microsoft Exchange servers, and 14% of the attacks targeted the Log4Shell vulnerability.
Statistics on hackers attacking through security holes in the first half of 2022. Photo: Palo Alto
According to cybersecurity experts, the system administrators of every enterprise will face greater attack pressure as hackers scan and exploit more often and more quickly. The recommended best solution is to hide the origin server from the Internet, or to use a virtual private network and limit the number of administrators who have access to the server. This is considered a way for administrators to buy more time to update software and patch vulnerabilities.
3 simple ways to hide the IP and protect the origin server from vulnerability attacks
To hide the origin server IP, you should first change the IP address of the server immediately, because the original IP may already have been exposed without your knowing it. You can then turn on the Cloud WAF firewall on VNIS's security platform to protect the origin server from attacks such as XSS and SQL Injection, and especially from the OWASP Top 10 vulnerabilities.
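One way to check whether the origin IP is already exposed is to scan the origin's own access log for clients that connected without passing through the CDN/WAF edge. This is an added example, not VNIS code; the edge ranges and log lines are constructed (documentation address blocks), and the log is assumed to record the TCP peer address in common log format.

```python
import ipaddress
import re
from collections import Counter

# Constructed edge ranges (RFC 5737 documentation blocks). Replace them with
# the egress ranges your CDN/WAF provider publishes.
EDGE_RANGES = [ipaddress.ip_network(n) for n in ("198.51.100.0/24", "203.0.113.0/24")]

# Constructed origin access-log lines (common log format, peer address first).
SAMPLE_LOG = """\
198.51.100.17 - - [30/Jul/2022:10:01:02 +0000] "GET / HTTP/1.1" 200 512
203.0.113.9 - - [30/Jul/2022:10:01:05 +0000] "GET /login HTTP/1.1" 200 734
192.0.2.44 - - [30/Jul/2022:10:02:11 +0000] "GET /mgmt/status HTTP/1.1" 404 0
192.0.2.44 - - [30/Jul/2022:10:02:12 +0000] "GET /admin HTTP/1.1" 404 0
not-a-log-line
2001:db8::5 - - [30/Jul/2022:10:03:40 +0000] "GET / HTTP/1.1" 200 512
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "[^"]*" \d{3} ')

def via_edge(client):
    """True when the peer address lies inside a configured edge range."""
    addr = ipaddress.ip_address(client)  # raises ValueError on junk
    return any(addr.version == net.version and addr in net for net in EDGE_RANGES)

def direct_hits(log_text):
    """Return (Counter of non-edge peer IPs, count of unparseable lines)."""
    hits, skipped = Counter(), 0
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        try:
            if m is None:
                raise ValueError("not a log line")
            if not via_edge(m.group(1)):
                hits[m.group(1)] += 1
        except ValueError:
            skipped += 1
    return hits, skipped

if __name__ == "__main__":
    hits, skipped = direct_hits(SAMPLE_LOG)
    for ip, count in hits.most_common():
        print(f"direct-to-origin: {ip} ({count} requests)")
    print(f"unparseable lines: {skipped}")
```

Any address reported here reached the origin without going through the edge, which means the origin IP is known to at least that client and the firewall is not yet restricted to the edge ranges.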
With just a few clicks on VNIS's new portal, you can block IP addresses by country or block attacking IPs simply and quickly. VNIS's security platform helps you effectively hide the origin server IP behind two CDN layers and a [WAF](https://www.vnis.vn/en-US/features/cloud-waf/) layer, providing comprehensive security for your web server.
In particular, VNIS has many Cloud WAF clusters in countries and regions around the world to help fight the biggest Layer 3/4/7 DDoS attacks.
The main advantage of Cloud WAF is the scalability of globally distributed networks and access points, ensuring minimal latency and large coverage area. In the event of increased website traffic, Cloud WAF leverages the underlying cloud infrastructure to quickly protect endpoints from threats.
At the same time, VNIS integrates load balancing, AI, RUM, Multi CDN and other technologies, with a load capacity of up to 2600 Tbps, helping the website keep working well in the face of any attack.
To experience VNIS's smart website security features, leave a message to our experts or call the hotline: (028) 7306 8789 for the earliest support.