Surge in Zero-Day Exploitation

Garden State Cyber Threat Highlight

Original Release Date: 11/17/2023

Summary

Zero-day exploitation has increased alarmingly worldwide and has significantly affected federal government agencies, particularly over the last month, as emphasized by the Cybersecurity and Infrastructure Security Agency (CISA). Despite an overall decline in these vulnerabilities, federal government analysts observed an increase in zero-day exploits. This uptick indicates evolving tactics among cyber threat actors, particularly in nation-state-backed campaigns that continue to leverage these previously unknown vulnerabilities in sophisticated cyberattacks.

Over the past six months, the NJCCIC observed similar patterns in which advanced persistent threat (APT) groups rapidly developed and deployed zero-day exploits impacting public and private NJ organizations. These exploits include the Citrix Bleed vulnerability, which was most recently used in LockBit ransomware attacks impacting Boeing and the Industrial and Commercial Bank of China (ICBC). Similarly, the Atlassian and SysAid zero-days have been widely used in significant cyberattacks.

According to Darren Turner, the National Security Agency’s (NSA’s) cybersecurity directorate chief of critical networks defense, there is a critical need for enhanced collaboration across the public and private sectors, including the Defense Industrial Base sector, to combine cybersecurity defense efforts and develop rapid response mechanisms. The NJCCIC has actively pursued efforts to increase collaboration with local and state agencies, most recently by hosting a multi-state cyber range incident response exercise. More information regarding this live-fire exercise can be found in the announcement below.

Recommendations

The NJCCIC reminds organizations to take a proactive approach to vulnerability and patch management and prioritize the application of security patches in accordance with their risk management processes. Additionally, we encourage users and organizations to report cyber incidents and share information with the NJCCIC. This data enables us to provide timely and relevant alerts to raise awareness, help prevent future cyber incidents, and strengthen the security and preparedness of public and private organizations. CISA also encourages voluntary information sharing that may help mitigate current or emerging cybersecurity threats to critical infrastructure. Further resources and guidance can be found on CISA’s webpage, Shields Up!

New Jersey Cybersecurity & Communications Integration Cell

2 Schwarzkopf Dr, Ewing Township, NJ 08628

njccic@cyber.nj.gov

OUR COMMITMENT

The NJCCIC is a component organization within the New Jersey Office of Homeland Security and Preparedness. We are the State's one-stop-shop for cyber threat analysis, incident reporting, and information sharing and are committed to making New Jersey more resilient to cyber threats by spreading awareness and promoting the adoption of best practices.
