Security researcher fromfound that 2021 has been a particularly active year for zero-day attacks so far. This year, 33 zero-day exploits previously used by hackers have been exposed, 11 more than the 2020 total.
Google attributes the rise in zero-day vulnerabilities in part to increased efforts to identify and disclose security vulnerabilities. Another reason for the increase compared to the early 2010s is the increase in commercial providers selling access to zero-day vulnerabilities.
In the past, only selected nation states had the technical know-how to “find zero-day vulnerabilities, develop them into exploits and then use them strategically,” continues Google. “In the mid to late 2010s, there were more private companies emerging selling these zero-day capabilities. The corporations no longer have to have the technical know-how, they just need resources. ”Three of the four zero-days that Google’s Threat Analysis Group discovered in 2021 fell into this category.