Tenable’s 2020 Threat Landscape Retrospective

A guide for security professionals to navigate the year in vulnerabilities

Foreword

Looking Forward By Looking Back

If there is any bright spot to be found in the tumultuous global events of 2020, perhaps it is the realization of our shared human connectedness. As many organizations embraced a work-from- home model in response to the COVID-19 pandemic, our business lives and our family lives converged in sometimes messy ways — and helped us all see one another with that much more compassion.

The events of 2020 also made clear how reliant we all are on the infrastructure and supply chains underpinning modern society — agriculture, food and beverage manufacturing, pharmaceutical development — particularly in times of crisis. The software supply chain itself came under renewed scrutiny as a result of the SolarWinds breach, which was disclosed in mid-December.

While full ramifications of the SolarWinds breach were still under investigation as of January 5, 2021, when this report was finalized, this incident makes one thing crystal clear: defense in depth is the foundation to defend oneself against intrusion. Each device, each asset in the infrastructure needs to be considered as potentially becoming rogue, and we need to continue to minimize the privileges they have and the attack surface to which they have access. While few organizations would have the wherewithal to prevent a breach as sophisticated as SolarWinds, sound cyber hygiene practice can help to thwart any lateral movement that might occur as a result of the breach. We’ll continue to monitor the developments in the case on the Tenable blog.

If 2020 ended at a crossroads for infosec management, then 2021 will be the time for choosing the path that leads to a risk-based approach to vulnerability management. As the attack surface expands, vulnerability management has a central role to play in modern cybersecurity strategies. Unpatched vulnerabilities leave sensitive data and critical business systems exposed, and represent lucrative opportunities for ransomware actors. Modern vulnerability management requires identifying unnecessary services and software, limiting third-party code, implementing a secure software development lifecycle and practicing accurate asset detection across your entire attack surface, including information technology, operational technology and internet of things, regardless of whether they reside in the cloud or on premises.

Tenable Research seeks to step out in front of the curve of the vulnerability management cycle. Our Security Response Team (SRT) tracks threat and vulnerability intelligence feeds to make sure our plugin teams can quickly deliver coverage to our products. The SRT also works to dig into technical details and test proof-of-concept attacks to ensure customers are fully informed of the risks.

Reducing the cyber exposure gap requires a broad understanding of the threat landscape. Tenable Research takes that approach to equip our customers and the industry at large with the tools, awareness and intelligence to effectively reduce risk. To further those goals, the SRT has compiled this 2020 Threat Landscape Retrospective, which offers both a macro look at the trends that shaped the year as well as a detailed compendium of key vulnerabilities. The insights and data provided in these pages are designed to help cyber defenders learn from the past in order to build cybersecurity strategies that protect critical infrastructures, supply chains and data while respecting privacy.

Renaud Deraison
Co-founder and Chief Technology Officer
Tenable