2021 Threat Landscape Retrospective

2021 was certainly a turbulent year, punctuated with the revelation of a critical vulnerability in the widely-used Apache Log4j library. The lingering Covid-19 pandemic had already accelerated online and cloud migration, providing ripe targets for attackers. Organizations were faced with higher risks from interconnectivity resulting in major disruption from breaches, ransomware attacks, and attacks on the software supply chain. Tenable’s 2021 Threat Landscape Retrospective (TLR) provides valuable lessons learned as attackers relentlessly exploited the software supply chain. Cyber security practices need to evolve to address modern technology deployments. This dashboard leverages Tenable’s 2021 Threat Landscape Retrospective to identify the most notable cyber security trends that occurred in 2021.

The migration to cloud platforms, SaaS, IaaS, and managed service providers has changed the definition of the perimeter. Applying outdated cyber security tactics to modern cloud infrastructure is ineffective to combat current threats. A Risk-Based Vulnerability Management (RBVM) approach that evolves with the changing threat landscape is necessary to prioritize identification of unnecessary services and software, limit third-party code, implement a secure software development lifecycle, and perform accurate asset detection across the entire attack surface. Modern vulnerability management programs must include information technology, operational technology, and internet of things (IoT), whether they reside in the cloud or on premises. RBVM requires identifying and fixing critical vulnerabilities and misconfigurations in cloud and Active Directory. Unpatched vulnerabilities represent lucrative opportunities for ransomware attackers, leading to successful ransomware attacks and breaches, such as the Kaseya, SolarWinds, Colonial Pipeline, and Conti attacks.

Organizations usually perform a “lessons learned” meeting after a breach to discuss what went right, what went wrong, and how to improve their response moving forward. Tenable’s Security Response Team (SRT) continuously provides valuable insight and perspective on new threats that may affect an organization’s cyber security posture. SRT’s research enables organizations to prioritize and create remediation plans for the evolving threat landscape. This dashboard uses CVE filters to display the top five most notable threats and provides indicators for the remaining threats identified in 2021. The content enables organizations to understand the full scope of the current attack surface and refine their security strategy accordingly.

Tenable Research delivers world class cyber exposure intelligence, data science insights, alerts, and security advisories. The Tenable Research teams perform diverse work that builds the foundation of vulnerability management. The Security Response Team (SRT) tracks threat and vulnerability intelligence feeds and provides rapid insight to the Vulnerability Detection team, enabling them to quickly create plugins and tools that expedite vulnerability detection. This fast turnaround enables customers to gain immediate insight into their current risk posture. Tenable Research has released over 165,000 plugins and leads the industry on CVE coverage. Additionally, the SRT provides breakdowns for the latest vulnerabilities on the Tenable Blog and produces an annual Threat Landscape Retrospective. The SRT continuously analyzes the evolving threat landscape, authors white papers, blogs, Cyber Exposure Alerts, and additional communications to provide customers with comprehensive information to evaluate cyber risk.

Security leaders need to SEE everything, PREDICT what matters most and ACT to address cyber risk and effectively align cybersecurity initiatives with business objectives. Tenable.io discovers and analyzes assets continuously to provide an accurate and unified view of an organization’s security posture. The requirements for this dashboard are: Tenable.io Vulnerability Management (Nessus).

Widgets

Most Notable Vulnerabilities VPR Heat Map (2021 Threat Landscape Retrospective)  – This widget provides a correlation between VPR scores for the vulnerabilities that include the 315 CVEs discussed in the Tenable's 2021 Threat Landscape Retrospective (TLR). The requirements for this widget are: Tenable.io Vulnerability Management (Nessus).

Top 5 Vulnerabilities (2021 Threat Landscape Retrospective)  – This widget features the top five vulnerabilities of 2021 as described in Tenable's 2021 Threat Landscape Retrospective: ProxyLogon CVE-2021-26855, PrintNightmare, Windows Print Spooler CVE-2021-34527, VMware vSphere CVE-2021-21985, Pulse Connect Secure CVE-2021-22893, ZeroLogon, and Windows Netlogon Protocol CVE-2020-1472. The requirements for this widget are: Tenable.io Vulnerability Management (Nessus). 

Key Vulnerabilities (2021 Threat Landscape Retrospective) – This widget displays cells for the most significant vulnerabilities of 2021 using the CVE and Plugin Family filters. These filters display the key vulnerabilities from 2021 as well as the notable legacy vulnerabilities from prior years. Details are provided in Tenable's 2021 Threat Landscape Retrospective. The requirements for this widget are: Tenable.io Vulnerability Management (Nessus).

Most Notable Vulnerabilities VPR Heat Map (2021 Threat Landscape Retrospective)  – This widget provides a correlation between VPR scores for the vulnerabilities that include the 315 CVEs discussed in the Tenable's 2021 Threat Landscape Retrospective (TLR).

Microsoft Active Directory Findings  – This widget displays a vulnerability summary for assets that contain any vulnerabilities related to Active Directory. This widget uses the application CPE filter to cross reference Tenable plugins that contain active_directory, including those from the AD Starter Scan. The requirements for this widget are: Tenable.io Vulnerability Management (Nessus, NNM).