The security company tenable revealed this Thursday (16) its Threat Scenario Report for the year 2022, which showed worrying facts about Brazil. The country leads the global ranking of data volume improperly exposed, according to the company’s metrics.
And Brazil is at the top with some slack. The company points out that, throughout the year, 1,335 incidents were analyzed, in which 257 terabytes of data were exposed. Of these, 112 TB were in Brazil alone, that is, about 43%.
The report also points out that these violations allowed the exposure of 2.29 billion records worldwide, with more than 800 million leaked as a result of unprotected databases.
Old flaws, eternal problems
The report highlights that while zero-day threats, the name given to vulnerabilities discovered by cybercrime before there is a security update, are a perennial risk, they should not be the biggest concern for companies.
On the contrary: most of the attacks analyzed throughout 2022 used already known and documented vulnerabilities, for which there was already a fix. Cybercriminals take advantage of companies’ slowness in installing patch patches to continue exploiting holes that have been around for years.
As Tenable points out, the very serious Log4J flaw, which affects software libraries used by all types of systems and was revealed in 2021, still continued to be widely exploited in 2022. Only 21% of companies had adopted solutions to mitigate the problem after an entire year of its discovery.
Generally speaking, a widespread problem is the lack of proactivity in installing security updates. In February 2023, a flaw in VMware ESXi allowed the spread of ransomware on more than 1,800 hosts, 17 of them in Brazil. The failure, however, had been documented since 2021, and by February 13, 2023, it had been resolved by only 34% of companies. After disclosing the attacks and the severity of the vulnerability, 87% of companies had applied patches just 10 days later, which shows a strong reaction but also indicates that 13% are still unprotected.
Ransomware remains the top threat
Cybercrime has not yet found a new type of attack as effective as ransomware, which continues to be the main threat in the market, in Brazil and in the rest of the world.
The study reports that 52% of registered cyberattacks in Brazil involved ransomware. The number is higher than the global average, which is 35.4%.
Criminals mainly targeted public administration, which was the target of 42% of ransomware attacks in Brazil. Closing the podium of the most threatened sectors are retail, with 19%, and finance and insurance, with 9%.
Tenable also reinforces that, over the last few years, there has been a change in the profile of ransomware attacks, which no longer behave like WannaCry, which shook the world in 2017.
Back then, attacks only extorted their victims by encrypting their data and demanding payment in cryptocurrencies to ransom them. However, since then, cybercriminals have understood that they could also take advantage of the hack to steal sensitive information and threaten to release it. In this way, they can monetize the same attack twice, in a model known as “double extortion”.
