Ransomware Index Spotlight Report Q3 2021

20 December 2021
| No comments

Share post

Study: The complexity and number of ransomware vulnerabilities and families rose again in the 3rd quarter of 2021. Ransomware Index Spotlight Report: Ransomware-associated CVEs grow 4,5%, ransomware groups 3,4% compared to Q2021 XNUMX.

The security specialist Ivanti has published the results of the “Ransomware Index Spotlight Report” for the third quarter of 2021. The report shows that ransomware groups continue to grow in sophistication, aggressiveness, and volume. The numbers have increased across the board since the second quarter. The number of vulnerabilities associated with ransomware rose by 4,5%. The number of current and actively used CVEs also increased by 4,5%. In addition, the number of ransomware families is increasing by 3,4%. The number of older vulnerabilities related to ransomware was also 1,2% higher than in the second quarter of 2021. The results of the report once again confirm the need for risk-based patch management. The report was published jointly by Cyber ​​Security Works, Ivanti and Cyware.

Many new vulnerabilities discovered

The analysis reveals twelve new vulnerabilities associated with ransomware in the third quarter of 3. This increases the total number of these types of CVEs to currently 2021. Of the new vulnerabilities, five are suitable for attacks with remote code execution. Two, in turn, can exploit web applications and manipulate them in such a way that denial-of-service attacks are possible. The report also shows that ransomware groups continue to find and exploit zero-day vulnerabilities even before they're added to the National Vulnerability Database (NVD) and patches are released.

More ransomware families

The number of current and active vulnerabilities used by ransomware has increased by six to a total of 140. There are also five new ransomware families (151 total). These new ransomware groups took advantage of some of the most dangerous vulnerabilities that emerged in Q3. Additionally, the report found that three vulnerabilities from 2020 or earlier were again exploited by ransomware in the third quarter of 2021. This means that 92,4% of all vulnerabilities are gateways for ransomware (a total of 258 CVEs).

The analysis also showed that ransomware groups use modern and increasingly sophisticated techniques in their attacks: for example, dropper-as-a-service enables unskilled cybercriminals to spread malware through programs that, when executed, carry a malicious payload run on their victim's computer. Trojan-as-a-Service, also known as Malware-as-a-Service, enables anyone with an internet connection to obtain and distribute bespoke malware from the cloud with no installation required.

Risk-based patch management

Srinivas Mukkamala, Senior Vice President of Security Products at Ivanti, said, “Ransomware groups are developing their tactics, expanding their attack arsenal and targeting unpatched vulnerabilities in corporate attack surfaces. With this report, we want to help companies understand the security risk and the vulnerabilities of their environments and endpoints. In addition, we would like to provide you with usable information so that you can remedy the situation more quickly. It is critical that companies take a proactive, risk-based approach to their patch management. This includes leveraging automation technologies to reduce the time it takes to detect, detect, remediate, and respond to ransomware attacks and other cyber threats. "

The report is based on data from a variety of sources, including proprietary data from Ivanti and CSW, publicly available threat databases, and threat researchers and penetration testing teams. The report is available for download online.

More at Ivanti.com

 

About Ivanti

The strength of unified IT. Ivanti connects IT with security operations in the company in order to better control and secure the digital workplace. We identify IT assets on PCs, mobile devices, virtualized infrastructures or in the data center - regardless of whether they are hidden on-premise or in the cloud. Ivanti improves the provision of IT services and reduces risks in the company on the basis of specialist knowledge and automated processes. By using modern technologies in the warehouse and across the entire supply chain, Ivanti helps companies improve their ability to deliver - without changing the backend systems.

 

Matching articles on the topic

IT security: NIS-2 makes it a top priority

Only in a quarter of German companies do management take responsibility for IT security. Especially in smaller companies ➡ Read more

Cyber ​​attacks increase by 104 percent in 2023

A cybersecurity company has taken a look at last year's threat landscape. The results provide crucial insights into ➡ Read more

IT security: Basis for LockBit 4.0 defused

Trend Micro, working with the UK's National Crime Agency (NCA), analyzed the unpublished version that was in development ➡ Read more

MDR and XDR via Google Workspace

Whether in a cafe, airport terminal or home office – employees work in many places. However, this development also brings challenges ➡ Read more

Mobile spyware poses a threat to businesses

More and more people are using mobile devices both in everyday life and in companies. This also reduces the risk of “mobile ➡ Read more

Crowdsourced security pinpoints many vulnerabilities

Crowdsourced security has increased significantly in the last year. In the public sector, 151 percent more vulnerabilities were reported than in the previous year. ➡ Read more

AI on Enterprise Storage fights ransomware in real time

NetApp is one of the first to integrate artificial intelligence (AI) and machine learning (ML) directly into primary storage to combat ransomware ➡ Read more

FBI: Internet Crime Report counts $12,5 billion in damage 

The FBI's Internet Crime Complaint Center (IC3) has released its 2023 Internet Crime Report, which includes information from over 880.000 ➡ Read more

Stories
, , , ,