75 zero-day exploitations spotted by Google, governments increasingly responsible for attacks

News
By published

Of all the zero-days abused in 2024, the majority were used in state-sponsored attacks

A person at a laptop with a cybersecure lock symbol floating above it.
(Image credit: Shutterstock / laymanzoom)
  • Google observed 75 zero-day bugs last year
  • Most were used by state-sponsored actors
  • Countries like China and North Korea were specifically mentioned

In 2024, Google’s Threat Intelligence Group (GTIG) discovered 75 zero-day vulnerabilities, and argued that the majority were used in state-sponsored hacking campaigns. The company made these claims in “Hello zero-day my old friend, a 2024 exploitation analysis” paper published recently.

In the report, Google says that the number of zero-day flaws dropped compared to 2023 (from 98 to 75). However, the four-year trend is that the rate of zero-day exploitation “continues to grow at a slow but steady pace.”

While consumer devices continue to be the most attacked targets, there is an increase in adversaries exploiting enterprise-specific technologies. In 2023, roughly a third (37%) of zero-days targeted enterprise products, jumping to 44% last year. This, Google says, is primarily fueled by the increased exploitation of security and networking software and appliances.

Governments at it again

In fact, zero-day vulnerabilities in security software and appliances were a high-value target in 2024. Google says it identified 20 security and networking flaws, which was over 60% of all zero-day exploitation of enterprise technologies. Since the exploitation of these products results in a more efficient and extensive system and network compromise, Google expects threat actors’ focus on these technologies to continue growing.

The biggest abusers of zero-day vulnerabilities are the governments, Google says. “Between government-backed groups and customers of commercial surveillance vendors, actors conducting cyber espionage operations accounted for over 50% of the vulnerabilities we could attribute in 2024,” the report says.

Google singled out China as a major player in this regard, but also mentioned North Korea, whose operatives mixed espionage with financially motivated operations.

The number of Windows exploits rose to 22 (from 16 the year before), while on Safari and iOS it fell (from 11 and 9 to 3 and 2). Android retained its “lucky number” 7, as did Chrome. Firefox was up from zero in 2023 to one in 2024.

Via Ars Technica

You might also like

TOPICS
Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.