Technology

Google report shows China as the leader in government-backed exploitation of zero-day bugs

New Delhi, March 27 (IANS) – China is at the forefront of government-backed exploitation of zero-day vulnerabilities, with cyber espionage groups in the country exploiting 12 zero-day vulnerabilities in 2023, according to a Google report released on Wednesday. These numbers are up from seven in 2022.

A zero-day bug is a vulnerability in a system or device that has been disclosed but is not yet patched. In 2023, Google observed a total of 97 zero-day vulnerabilities being exploited in-the-wild, which is over 50 per cent more than in 2022 but still below the record of 106 vulnerabilities observed in 2021, as per the report by Google’s Threat Analysis Group (TAG) and cybersecurity firm Mandiant.

James Sadowski, Principal Analyst at Mandiant Intelligence, stated, “Attackers are now shifting focus to third-party components and libraries in 2023. Zero-day vulnerabilities in third-party components and libraries were a prime attack surface in 2023, since exploiting this type of vulnerability can scale to affect more than one product.”

The team also noted an increase in adversary exploitation of enterprise-specific technologies in 2023, with a 64 per cent increase in the total number of vulnerabilities from the previous year. There has been a general increase in the number of enterprise vendors targeted since at least 2019 as well.

Furthermore, the report mentioned that exploitation associated with financially motivated actors proportionally decreased last year. “Financially motivated actors accounted for 10 zero-day vulnerabilities exploited in 2023, a lower proportion of the total than what we observed in 2022,” stated the Google report. Organisations are advised to prioritize defensive strategies that address threats likely to cause damage.

IANS

IANS, established in 1986, is India's largest independent news service, offering 24x7 news from India and South Asia, and a preferred source for diverse content across six business verticals.

Related Articles