Google’s Zero Days Project reports record number of detections and closures in 2021
Google’s Zero Days Project, which analyses in-the-wild zero-day trends and exploits, reported that 2021 contained the most zero-day detections and closures since the inception of the project.
A zero-day vulnerability is a flaw in software or hardware that is not yet known to its vendor and so has no patch. An exploit for it used in the wild can create complicated problems before anyone realises something is wrong.
According to the team’s annual report, it found a record 58 zero-day exploits in 2021. That’s over double the 25 it detected in 2020 and the previous record of 28 detected in 2015.
“We believe the large uptick in in-the-wild 0-days in 2021 is due to increased detection and disclosure of these 0-days, rather than simply increased usage of 0-day exploits,” wrote Maddie Stone, Project Zero Security Researcher at Google.
Google also notes that – of the 58 zero-day exploits it found in 2021 – just two “stood out as novel: one for the technical sophistication of its exploit and the other for its use of logic bugs to escape the sandbox.”
The remaining 56 zero-day exploits were reportedly similar to previous, publicly known vulnerabilities.
Oliver Pinson-Roxburgh, CEO of Defense.com, comments on the announcements: “The recent report from Google’s Zero Days Project showcases the complex threat landscape faced by businesses today. Today, bad actors have the ability to operate at scale and at pace, deploying automated attack methods to probe for unknown vulnerabilities right across the internet.”
“The threat from a zero-day vulnerability does not end when a fix is identified. In this scenario, a significant proportion of businesses allow complacency to creep in. One recent study from Bulletproof found that, even after being identified, a quarter of businesses are leaving critical vulnerabilities unaddressed.”
“Many businesses know about, and want to tackle, high-priority threats. However, as businesses rapidly expand their digital presence, this has created a vastly expanded attack surface and a subsequent explosion of critical vulnerabilities. Most security teams I speak to are struggling to keep on top of even high-priority patches.”
“Google’s report should encourage all businesses to continue to monitor and flag any zero-day vulnerabilities that emerge. This collective action allows the industry to work quickly to find a solution, and minimise its value for attackers. It is then up to businesses to make implementing these patches a priority. Long term, the focus should be on a defence-in-depth approach, layering multiple cyber resilience tools and tactics to thwart potential attackers and protect critical business functions.”