Critical cybersecurity vulnerabilities can be addressed in minimum time of 205 days
ByShehryar Makhdoom | Published date:
The report reports that more than 66 percent of all utility applications had found at least one easy exploit the vulnerability throughout the year.
A new WhiteHat Security analysis showed that the average time required to resolve serious cybersecurity vulnerability rose from 197 to 205 in May 2021 in April 2021.
WhiteHat Security researchers had found the largest exposure window to the application's vulnerabilities in the utility sector organizations in their AppSec Stats Flash report, highlighting a problem that made national news last week, when over 50,000 water treatment plants throughout the US were discovered to have low-level cybersecurity.
Apart from an attack on Florida's water treatment facility earlier this year, multiple attacks on utility companies are unreported.
According to the report, more than 66% of all programs used by the utility industry have at minimum one exploited vulnerability open year-round. WhiteHat Security vice president Setu Kulkarni stated that more than 60percent of apps in manufacturing also had a 365-day exposure window.
"They also have a tiny percentage of exposure-related cases that are fewer than 30 days — applications where exploitative, severe faults are fixed for less than one month," Kulkarni said, stressing that the financial and insurance industries have done better to remedy faults.
WhiteHat Security Researchers have said information leakage, short session expiry, cross-site scripting, inadequate transport layer protection and contents spoofing are the top five vulnerability classes in the last three months.
The research states that all of these "pedestrian" vulnerabilities need minimal effort or ability to find and attack.
Comment