The number of publicly disclosed information security issues will increase dramatically next year, the managing general agent of Coalition Inc. said in a report published Wednesday.
The number of Common Vulnerabilities Exposures, which is a database of these incidents maintained by the National Cybersecurity Federally Funded Research and Development Center, can be expected to increase to more than 1,900 CVEs per month, including 270 considered “high” and 155 considered ” critical severity,” according to the report.
This would be a 13% increase in average monthly critical incidents from 2022, says the report, Cyber Threat Index 2022.
The report says email addresses and passwords consistently top the list of information lost in a data breach.
It also says that Remote Desktop Protocol is still “by far”; the most common remote scanning protocol used by attackers, and RDP scanning traffic is very high.
“This means that attackers are still exploiting old protocols with new vulnerabilities such as RDP to gain access to systems, which is why it is critical to quickly patch these,” the report said.
The Coalition said it compiled its report based on critical information gathered from its insurance and claims practices, as well as from Internet scans of 5.2 billion Internet Protocol addresses.
The company said in a statement that it recommends organizations and their security and IT teams prioritize applying software updates within 30 days of a patch being released, and follow regular upgrade cycles to older software vulnerabilities to prepare for this year’s threats.