Cybersecurity
Which Bugs Will Hackers Exploit First? Machine Learning Promises a Better Guess
The vast majority of the bugs that hackers exploit aren’t fancy zero-days that no one has ever seen or reported. Most are vulnerabilities that have gotten out into the wild and spread via chat rooms and hacker forums on the dark web. Guessing which bugs will cause the most damage — useful in knowing which ones to patch first — is still mostly a guess. But researchers from Arizona State University have developed a machine-learning model to predict which vulnerabilities are the most likely to cause the next headline-grabbing incident.
Today’s most common methods for anticipating the likelihood that a previously disclosed software vulnerability will cause major damage are imperfect at best. Take two bugs: one exploited by the WannaCry ransomware, which shut down hospitals and other institutions across the United States and Europe; and Heartbleed, a bug believed to have been discovered and exploited by the NSA. The latter was judged by the National Vulnerability Database’s Common Vulnerability Scoring System to have a severity score of 5 out of 10, a mix of likelihood of exploit and potential damage done; the former, 8.1 out of 10. But other viruses that scored even higher had far less impact.