Tenable’s 2021 Threat Landscape Retrospective

January 20, 2022

Key Takeaways

Evolution of the perimeter:
Adoption of cloud solutions, software and infrastructure as a service, and the increasingly complex service provider ecosystem all continue to challenge traditional conceptions of the perimeter. However, traditional perimeter devices like VPNs remain valuable targets for attackers.

Patching problems:
Staying on top of patching assets is difficult enough, but in 2021 incomplete patches, miscommunications from vendors and patch bypasses made it even harder for defenders to secure critical systems.

Majority of zero-days exploited in the wild:
83% of zero-day vulnerabilities disclosed in 2021 were exploited in attacks, with web browser zero-days accounting for over 30% of them.

Ongoing risks of interconnection:
Code and library re-use have resulted in vulnerabilities persisting for years across potentially millions of sensitive operational technology (OT) devices. Software libraries and network stacks used commonly amongst OT devices often introduce additional risk when security controls and code audits are not in place.

Misconfigurations increase risk:
Cloud and Active Directory (AD) misconfigurations are low-hanging fruit for threat actors. Openly accessible cloud databases and overly permissive AD configurations give attackers access to an organization’s most sensitive information.

Attackers target AD environments:
Threat groups, particularly ransomware groups, have increasingly exploited vulnerabilities and misconfigurations in Active Directory.

Surging ransomware attacks:
Ransomware attacks increased in both volume and sophistication. Ransomware groups leveraged zero-days and legacy vulnerabilities alike to target sensitive sectors like healthcare, education and the physical supply chain.

Physical and software supply chains under attack:
Supply chains of all kinds were targeted by diverse threat groups in 2021. Ransomware groups favored physical supply chain disruption as a tactic to extort payment while cyberespionage campaigns exploited the software supply chain to access sensitive data. And 61% of security leaders reported that their organization was exposed to increased risk related to its expanding supply chain.

Data breaches continue to increase:
Over 2.5 times as many breaches were reported in 2021 as in 2020. Additionally, there was a 78% increase in the number of records exposed.

Price: FREE

About the Provider

Tenable
Tenable®, Inc. is the Cyber Exposure company. Over 30,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. As the creator of Nessus®, Tenable extended its expertise in vulnerabilities to deliver the world’s first platform to see and secure any digital asset on any computing platform. Tenable customers include more than 50 percent of the Fortune 500, more than 30 percent of the Global 2000 and large government agencies.
