Escalating zero-day exploits pose growing threat, US CISA official warns
The Cybersecurity and Infrastructure Security Agency (CISA) reports a significant global increase in zero-day vulnerabilities impacting federal agencies, revealing growing sophistication in state-backed hacking campaigns.
The prevalence of zero-day vulnerabilities has seen a significant global uptick, directly affecting federal agencies, according to Michael Duffy, the associate director for capacity building within the Cybersecurity and Infrastructure Security Agency (CISA). This surge in zero-day activity was highlighted during a cybersecurity governance panel at the ACT-IAC Imagine Nation ELC conference.
Duffy pointed out that in the past month, CISA has observed a substantial increase in zero-day exploits globally, particularly impacting federal government networks. Although the number of in-the-wild zero days declined last year, the recent surge in exploits indicates a concerning trend. Google’s Threat Analysis Group (TAG) reported 41 zero-day vulnerabilities detected and disclosed in 2022, down from 69 in 2021. However, the absolute number remains the second-highest since TAG began tracking these exploits in 2014.
During the panel discussion, Darren Turner, the National Security Agency’s cybersecurity directorate chief of critical networks defence, emphasized the need for alignment and unification in addressing these threats across government agencies, the defence industrial base, and the broader industry. Turner highlighted that the discovery of one zero-day often leads to identifying similar vulnerabilities, potentially contributing to the observed increase in their usage.
Duffy also noted other concerning trends in the fiscal year 2023, including the first instances of ransomware within the federal government and a rise in Distributed Denial of Service (DDoS) activity disrupting federal operations. The overall scenario underscores the evolving and complex nature of cyber threats faced by federal agencies, necessitating a collaborative and unified approach to cybersecurity.