22 billion records exposed from breaches in 2020 – Tenable Threat Landscape report


Tenable has released the 2020 Threat Landscape Retrospective, which analyses noteworthy vulnerabilities, trends in ransomware and breaches, zero-day disclosures and the cybersecurity challenges brought on by the COVID-19 pandemic.

Headline findings:

  • Between January and October 2020, 730 publicly disclosed events resulted in over 22 billion records exposed. 35% of breaches analysed by Tenable were caused by ransomware attacks, resulting in tremendous financial cost, while 14.4% of breaches were the result of email compromises.
  • 18,358 new CVEs were reported in 2020, representing a 6% increase from 2019 and a 183% increase from 2015. From 2015 to 2020, the number of reported CVEs increased at an annual percentage growth rate of 36.6%.
  • Over 35% of all zero-day flaws exploited were browser vulnerabilities in Google Chrome, Mozilla Firefox, Internet Explorer and Microsoft Edge.
  • In 2020, 18 ransomware groups were operating leak websites that name and shame victims to secure ransom demands.

The key takeaways reveal that:

  • Headline vulnerabilities shouldn’t always be the main focus. Not every critical vulnerability had a name and logo given to it and conversely not every vulnerability with a name and logo should be seen as critical.
  • Remote working still raises concerns. The array of new solutions organisations implemented in 2020 to support remote working and distance learning raise concerns that can only be addressed through diligent patching and implementing the right security controls.
  • Unpatched vulnerabilities in VPNs are still gold for cyber attackers. Pre-existing vulnerabilities in VPN solutions continue to be a favourite target for cybercriminals and nation-state groups.

Top 5 vulnerabilities of 2020:

  1. Zerologon (CVE-2020-14720)
  2. Citrix ADC/Gateway/SDWAN WAN-OP (CVE-2019-19871)
  3. Pulse Connect Secure SSL VPN (CVE-2019-11510)
  4. Fortinet Fortigate SSL VPN (CVE-2018-13379)
  5. F5 BIG-IP (CVE-2020-5902)

“Every day, cybersecurity professionals in Australia and the rest of the world are faced with new challenges and vulnerabilities that can put their organisations at risk. The 18,358 vulnerabilities disclosed in 2020 alone reflects a new normal and a clear sign that the job of a cyber defender is only getting more difficult as they navigate the ever-expanding attack surface,” said Satnam Narang, Staff Research Engineer at Tenable.

“A complex threat landscape, highly motivated threat actors and readily available exploit code translate into serious cyber attacks as reflected in this report. Many of the tactics used by bad actors are not sophisticated or didn’t require flexing too many mental muscles – making it more important than ever to patch vulnerabilities in a timely manner.”

“To adapt in a digital and distributed world, every industry sector and business model is reliant on technology. Hence, pausing for a retrospective provides cybersecurity professionals with an important opportunity to identify gaps and refine strategies to make their organisations more secure. In 2021, it’s essential that we have the tools, awareness and intelligence to effectively reduce risk and eliminate blind spots. It’s only through looking at where we’ve come from that we can effectively plan for what lies ahead.”

You can find the full report available for download here.

Report Methodology — This report was compiled based on Tenable’s analysis of:

  • Events over the course of 2020
  • Information from advisories published by U.S. government agencies
  • Publicly available breach data from national and local news outlets, reporting on data breaches from January through October 2020