China continues to lead the way for government-backed exploitation of zero-day vulnerabilities. The cyber espionage groups in the country exploited 12 zero-day vulnerabilities in 2023, up from seven in 2022, a Google report said on Wednesday.

A zero-day bug is a vulnerability in a system or device that has been disclosed but is not yet patched.

In 2023, Google observed 97 zero-day vulnerabilities exploited in the wild.

That’s over 50 percent more than in 2022, but still shy of 2021’s record of 106, according to the report by Google’s Threat Analysis Group (TAG) and cyber-security firm Mandiant.

Buy Me A Coffee

“Attackers are now shifting focus to third-party components and libraries in 2023. Zero-day vulnerabilities in third-party components and libraries were a prime attack surface in 2023, since exploiting this type of vulnerability can scale to affect more than one product,” said James Sadowski, Principal Analyst, Mandiant Intelligence.

The team observed an increase in adversary exploitation of enterprise-specific technologies in 2023, with a 64 percent increase in the total number of vulnerabilities from the previous year and a general increase in the number of enterprise vendors targeted since at least 2019.

Exploitation associated with financially motivated actors proportionally decreased last year.

“Financially motivated actors accounted for 10 zero-day vulnerabilities exploited in 2023, a lower proportion of the total than what we observed in 2022,” said the Google report.

It added that organizations need to build defensive strategies prioritizing threats that are most likely to cause damage to themselves and others.

READ
Los Angeles Housing Authority Hit by Cactus Ransomware Attack, Sensitive Data at Risk