Ransomware Index Report identifies new vulnerabilities

Ransomware Index Report identifies new vulnerabilities

Share post

Groups of hackers continuously monitor new vulnerabilities and analyze their suitability for potential attacks. In March 2023, the total number of security breaches reported was higher than the previous three years combined.

The Ransomware Index Report from Securin, Cyware and Ivanti provides a regular update on the latest threat vectors used for such attacks. He also gives suggestions on how companies can protect their data and assets from ransomware.

In the first quarter of 2023, twelve new vulnerabilities were linked to ransomware. Three quarters of these were already a topic on the internet as well as on the deep and dark web in the fourth quarter of 4. This brought the number of products vulnerable to ransomware attacks to 2022. Of the 7.444 vendors affected, Microsoft is the frontrunner. A total of 121 vulnerabilities in the software manufacturer's products are currently being exploited by ransomware.

Current scanners do not detect security gaps

A complete MITER ATT&CK kill chain is available for 59 vulnerabilities. If such a "kill chain" is in place for vulnerabilities, attackers are able to exploit the gap from initial access to exfiltration. That makes them particularly dangerous. A particular problem: The current scanners have not yet recognized three of these security gaps.

Traditional scanners miss 18 vulnerabilities associated with ransomware. As a result, companies are exposed to potential attacks with no chance of detecting them in good time.
The number of open source vulnerabilities has increased. A total of 119 vulnerabilities are now known across multiple vendors and products used for ransomware.

There is an urgent need for action here, as open source code is used in many tools.
Two new APT (Advanced Persistent Threat) groups are using ransomware as their preferred attack vector. With DEV-0569 and Karakurt, the total number of APT groups associated with ransomware has increased to 52.

Attack tactics evolve

The report also lists the categories of vulnerabilities that are particularly attractive to ransomware gangs. These include, above all, gaps in software products and operating systems that are as widespread as possible in companies. But attackers will also rely on new tools and strategies in the future. “One of the biggest challenges for IT and security teams is prioritizing and remediating security vulnerabilities. Especially those related to ransomware,” said Srinivas Mukkamala, Chief Product Officer at Ivanti.

“We're seeing threat actors starting to use AI in their attacks. When polymorphic malware attacks and AI co-pilots for offensive computing become a reality, the situation becomes even more complex. So far this case has not occurred. But it's only a matter of time before ransomware authors use AI to expand the list of vulnerabilities and exploits used. This global challenge demands an equally global response to truly combat attackers.”

Actively reduce risks

“For our customers across all industries, risk mitigation is one of the top three strategic priorities. Looking at our research, however, we have to realize that these risks are increasing every quarter. A lack of security experts and tight IT budgets prevent companies from facing this key challenge.

The security of private and public organizations depends on actively mitigating risk,” said Aaron Sandeen, CEO and co-founder of Securin. “For years we have therefore warned our customers about security vulnerabilities that are ignored by software manufacturers and repositories such as NVD and MITER. Our predictive threat intelligence platform was able to alert customers to threats long before they were actively taken over by the ransomware gangs.”

More at Securin.io


About Securin

Securin is a leading provider of technology-enabled cybersecurity solutions, helping hundreds of customers worldwide protect against emerging threats. Powered by vulnerability precision, human expertise, and automation, our products and services enable organizations to make critical security decisions to manage their growing attack surfaces.

Matching articles on the topic

Cybersecurity platform with protection for 5G environments

Cybersecurity specialist Trend Micro unveils its platform-based approach to protecting organizations' ever-expanding attack surface, including securing ➡ Read more

Data manipulation, the underestimated danger

Every year, World Backup Day on March 31st serves as a reminder of the importance of up-to-date and easily accessible backups ➡ Read more

Printers as a security risk

Corporate printer fleets are increasingly becoming a blind spot and pose enormous problems for their efficiency and security. ➡ Read more

IT security: Basis for LockBit 4.0 defused

Trend Micro, working with the UK's National Crime Agency (NCA), analyzed the unpublished version that was in development ➡ Read more

The AI ​​Act and its consequences for data protection

With the AI ​​Act, the first law for AI has been approved and gives manufacturers of AI applications between six months and ➡ Read more

MDR and XDR via Google Workspace

Whether in a cafe, airport terminal or home office – employees work in many places. However, this development also brings challenges ➡ Read more

Windows operating systems: Almost two million computers at risk

There are no longer any updates for the Windows 7 and 8 operating systems. This means open security gaps and therefore worthwhile and ➡ Read more

AI on Enterprise Storage fights ransomware in real time

NetApp is one of the first to integrate artificial intelligence (AI) and machine learning (ML) directly into primary storage to combat ransomware ➡ Read more