Zero-day attacks: Chinese hackers mainly responsible in 2021

Zero-day attacks, i.e. those that exploit security holes not yet discovered or corrected, are on the rise, as reported by several analysts, including Mandiant. These attacks are particularly dangerous: because the developers have not yet been able to remedy the vulnerability, their effect can be devastating. According to the researchers, most of the 0-day attacks perpetrated in 2021 are attributable to Chinese hackers. The cases recorded for last year amounted to 80, 18 more than in the previous two years combined, demonstrating how much the tendency to exploit these attack vectors is growing. After all, vulnerabilities that have not yet been repaired are very attractive to attackers, since they leave targets exposed for at least a few days, within which hackers can conduct their operations almost undisturbed.

[Figure: Platforms affected by 0-day attacks in 2021 - Source: Mandiant]

According to the research, the number of financially motivated zero-day attacks is also increasing: although most of the criminal actions seem to be attributable to espionage operations conducted by groups with government support, attacks for profit are increasing. In 2021, the ranking is dominated by China, reportedly the source of 8 cyber-attacks based on 0-day vulnerabilities, followed by Russia with 2 and North Korea with 1. In particular, the Chinese hacker group Hafnium, notoriously close to the country's state agencies, appears to be very active; it allegedly exploited four zero-day Microsoft Exchange vulnerabilities to conduct its operations.

Finally, Mandiant notes that ransomware attacks based on such exploits are also on the rise. Attacks targeting iOS and Android devices are increasing as well. In addition, further growth is expected in this area for 2022, as also confirmed by the Google Project Zero team.

by Marco Doria | Tuesday 26 April 2022 12:30

COMMENT: The software development techniques of ICT companies must be reviewed. Stop putting products on the market that are tested by customers. Code cleanup must be done by finding bugs before putting it on the market. This obviously costs but, as described in the article, the total cost of the attacks is much higher. We have products that identify and allow you to correct untested lines of code with a simple comparison between appropriate test logs and the listing of the software.