Google found that a total of 2023 zero-day vulnerabilities were exploited in 97. This is almost 40% more than last year (at that time, 62 vulnerabilities of this type were specifically exploited).
Google's Threat Analysis Group and Mandiant teamed up to analyze zero-day vulnerabilities discovered last year. Their analysis revealed that of the 58 zero-day vulnerabilities they could attribute hacker motivation to, espionage was the main motive for 48 of them.
Gallery
Zero day vulnerabilities are essentially errors that security experts have not yet found. This means IT teams don't have time to fix them before hackers exploit them. That's why they're so popular with hackers because their use doesn't trigger any alerts. Of all the potential targets, cybercriminals have targeted platforms and products such as smartphones, operating systems, web browsers and various applications. A total of 61 zero-day vulnerabilities affected these targets, Google found.
In 2023 it was on Androidu exploited nine zero-day vulnerabilities, which was 6 more than the year before. On iOS nine vulnerabilities were also exploited, compared to five fewer than last year.
You could be interested in
The most zero-day vulnerabilities – 12 – were exploited by Chinese state-sponsored hackers, followed by Russia, North Korea and Belarus. In total, state-sponsored espionage accounted for over 41 % exploited zero-day vulnerabilities. Although there was a significant year-on-year increase in exploits of this type in 2023, it was slightly less than in 2021. At that time, 106 of these vulnerabilities were exploited. Cybersecurity experts, however believe that the incidence and exploitation rate of these threats will remain high compared to pre-2021 numbers.
