Cybercriminals typically rush to take advantage of new vulnerabilities. They often perform scans within 15 minutes of disclosing CVE vulnerabilities to find vulnerable internet assets. On the other hand, enterprise organizations need an average of twelve hours to find vulnerable systems.
A study by Palo Alto Networks looked at the activities of cybercriminals from January to March 2021. During this period, the Microsoft Exchange Server hack was announced. Palo Alto found that large-scale scanning for vulnerabilities was already taking place five minutes after the announcement.
In addition to the rapid response, cyber criminals are actively looking for vulnerable systems within corporate networks 24/7. Hackers perform a new scan every hour on average. The exposure of systems has increased significantly in the past year due to the many remote and home working .
According to Palo Alto Networks, most enterprise organizations are unable to respond to major attacks. Everything indicates that most scanners rely on a database of known CVEs (Common Vulnerabilities and Exposures), just like antivirus programs. These programs rely on the latest updates, causing some companies to wait days for an update that can combat the hack.