New York, NY and Tel Aviv (February 9th, 2022) - Cymulate, the Extended Security Posture Management market leader, today announced a summary of its platform usage in 2021 illustrating that web application firewalls are the least effective security solutions, making them prime targets for adversaries and high-risk points for organizations.
- Overall unique threats in the wild increased to 819 in 2021, up 36.5% from 2020
- Phishing attacks rose by 161% during 2021
- User accounts that lack any form of multi-factor authentication are extensively abused
- In 2021, post-exploit activity quickly escalated into enterprises' infrastructure - expanding the extent of the initial compromise and complicating remediation
- The number of security teams running assessment campaigns and scenarios grew by 66% in 2021 compared to 2020, with many enterprises choosing to run at least one assessment per day, taking corrective actions immediately.
Top threats that most companies were at risk from in 2021 include LockBit, Conti and Dharma ransomware, HAFNIUM, TeamTNT, and APT29 with Log4j abuse, Reg XX, and escalation of privileges via Active Directory flaws expected to continue in 2022.
The full report can be accessed here
While the majority of companies are at medium risk of attacks, the technology sector is the most vulnerable followed by critical infrastructure and manufacturing. Risks to the technology industry increased dramatically in 2021 from 2020 with a rise in spear-phishing attacks attempting to gain a foothold. The weakest link however remained the Web Application Firewall and phishing awareness. While the critical infrastructure sector’s most problematic area is data exfiltration, i.e. the unauthorized movement of data or data theft.
“Every industry today depends on IT for business success and this is driven by digital innovation through applications,” said Eyal Wachsman, CEO, and Co-Founder of Cymulate. "Attackers however have become very adept at taking advantage of existing gaps left by the rush towards productivity and adapting progressing information architectures. And when organizations fail to put metrics in place for their security programs, these gaps remain open and can lead to devastating consequences from immediate threats and data theft.”
Additional key findings:
- The Americas are the most vulnerable region, with the most immediate threats from Data Exfiltration and WAF, while APAC had the most phishing attempts.
- Attackers took full advantage of overly permissive accounts without multi-factor authentication (MFA), malicious Microsoft Macros and Adobe PDF extensions as well as benign decoy files and Windows API functions resolved at run-time, to launch successful attacks
The research report is conducted across hundreds of Cymulate’s customers across all geographies and verticals, including healthcare, finance, critical infrastructure, manufacturing and more. The results are based on anonymized aggregated data of simulated attack scenarios and campaigns of Cymulate’s global user base. The Cymulate risk score provides a quantifiable metric that enables customers to prioritize their mitigation activity, track performance, and benchmark themselves over time.
Cymulate SaaS-based Extended Security Posture Management (XSPM) deploys within an hour, enabling security professionals to continuously challenge, validate and optimize their cyber-security posture end-to-end, across the MITRE ATT&CK® framework.
The platform provides out-of-the-box, expert, and threat intelligence-led risk assessments that are simple to deploy and use for all maturity levels, and constantly updated. It also provides an open framework to create and automate red and purple teaming by generating penetration scenarios and advanced attack campaigns tailored to their unique environments and security policies. Cymulate allows professionals to manage, know and control their dynamic environment.
Contact for Cymulate:
Levona Simha, Marketing Director at Cymulate
IL: +(972) 523 536638
Media contact for Cymulate:
US: +1(707) 533-1504
IL: +(972) 54-649-3485