Express Computer
Home  »  News  »  Unit 42 research report exposes evolving cybersecurity risks across critical industries

Unit 42 research report exposes evolving cybersecurity risks across critical industries

0 63

Palo Alto Networks released its latest report, ‘2024 Unit 42 Attack Surface Threat Report’, revealing the rapidly evolving landscape of cybersecurity threats. The study, drawn from several petabytes of data collected throughout 2023, highlights the growing challenges organisations face in securing their IT infrastructure amid constant changes and the increasing likelihood of AI-driven attacks.

This report underscores that organisations in critical sectors such as insurance, pharmaceuticals, and manufacturing are seeing a relentless evolution in their attack surfaces, making them prime targets for cyber criminals exploiting AI-generated vulnerabilities. As businesses continue to expand their digital footprints, the test of tracking and protecting all assets becomes increasingly difficult. Many organisations struggle to inventory their internet-facing applications, leaving them exposed to cyber threats that often begin with the exploitation of software vulnerabilities.

Key findings from the report include:

Constantly evolving attack surfaces: On average, an organisation’s attack surface introduces over 300 new services every month, accounting for nearly 32% of new high or critical cloud exposures. This rapid growth of new services without central oversight inevitably leads to misconfigurations and exposures, resulting in higher chances of a breach.

Increased risks from lateral movement and data exfiltration: Organisations experienced 73% of high-risk exposures within IT and Networking Infrastructure, Business Operations Applications, and Remote Access Services, which can be exploited for lateral movement and data exfiltration.

Critical IT and security infrastructure exposures: Over 25% of exposures involve critical IT and networking infrastructure, opening doors to opportunistic attacks. These include vulnerabilities in application-layer protocols and internet-accessible administrative login pages of routers, firewalls, VPNs, and other core networking and security appliances. Remote access services and business operation applications also constitute a significant portion of exposures, with each comprising over 23% of attack surface exposures.

High vulnerability in key industries:

Media and entertainment: The industry experienced the highest rate of new services added, exceeding 7,000 per month.
Telecommunications, insurance, pharma and life sciences: These industries saw substantial increases, with over 1,000 new services added to their attack surfaces.
Critical industries: Financial services, healthcare, and manufacturing saw their attack surfaces add over 200 new services every month.

The report also highlights the need for organisations to adopt AI-driven tools like Cortex Xpanse which provides continuous asset discovery and inventory. This capability is essential for maintaining complete visibility into the attack surface and reducing security risks.

Anil Valluri, MD and VP, Palo Alto Networks India and SAARC said, “As digital transformation and cloud adoption accelerate, the attack surface becomes more dynamic and challenging to secure, heightening the risk of AI-driven attacks that can scan billions of IP addresses in minutes to exploit vulnerabilities. With nearly half of exposures linked to remote access services and core networking infrastructure, and 23% to business operations applications, maintaining real-time visibility and monitoring is crucial. Leveraging AI-driven solutions for continuous asset discovery and inventory is essential to ensure comprehensive visibility and mitigate security risks.”

To secure attack surfaces effectively, maintaining persistent and comprehensive visibility across all assets, is essential for identifying and responding to risks such as high-profile vulnerabilities. Monitoring for unsanctioned services or shadow IT is critical to differentiate between known and unknown assets. Prioritising remediation efforts on high-severity vulnerabilities, especially those that are internet-exposed, is also crucial. Moreover, organisations should implement processes to address critical exposure risks in real time, optimise cloud configurations, and enforce secure data handling practices. Finally, staying informed about emerging threats and regularly reassessing the organisation’s attack surface are key strategies to mitigate risks.

Get real time updates directly on you device, subscribe now.

Leave A Reply

Your email address will not be published.

LIVE Webinar

Digitize your HR practice with extensions to success factors

Join us for a virtual meeting on how organizations can use these extensions to not just provide a better experience to its’ employees, but also to significantly improve the efficiency of the HR processes
REGISTER NOW 

Stay updated with News, Trending Stories & Conferences with Express Computer
Follow us on Linkedin
India's Leading e-Governance Summit is here!!! Attend and Know more.
Register Now!
close-image
Attend Webinar & Enhance Your Organisation's Digital Experience.
Register Now
close-image
Enable A Truly Seamless & Secure Workplace.
Register Now
close-image
Attend Inida's Largest BFSI Technology Conclave!
Register Now
close-image
Know how to protect your company in digital era.
Register Now
close-image
Protect Your Critical Assets From Well-Organized Hackers
Register Now
close-image
Find Solutions to Maintain Productivity
Register Now
close-image
Live Webinar : Improve customer experience with Voice Bots
Register Now
close-image
Live Event: Technology Day- Kerala, E- Governance Champions Awards
Register Now
close-image
Virtual Conference : Learn to Automate complex Business Processes
Register Now
close-image