Ransomware Takes its Toll on Organizations in 2022

Ransomware Takes its Toll on Organizations in 2022

By Greg Tavarez

Ransomware attacks continue to gain attention due to their increased sophistication and the widespread impacts they have. Hackers are constantly developing new methods to deliver ransomware, such as using social engineering tactics to trick users into clicking on malicious links or downloading infected files. Look at the high-profile incidents involving large organizations and critical infrastructure, as of late.

These incidents raise concerns about the potential impact of ransomware on national security and the need for improved cybersecurity measures to prevent and respond to such attacks. Even with these concerns, attackers are weaponizing and exploiting newly discovered, neglected or old, or resurrected vulnerabilities through ransomware attacks.

In fact, a report from Cyber Security Works, Ivanti, Cyware and Securin reveals the toll that ransomware had on organizations globally in 2022. The study identifies 56 new vulnerabilities associated with ransomware threats among a total of 344 threats identified in 2022—marking a 19% increase year-over-year.

Threat actors are also actively searching the internet and deep and dark web for 180 vulnerabilities known to be associated with ransomware. In the last quarter of 2022, these groups used ransomware to exploit 21 of these vulnerabilities, according to the study.

Srinivas Mukkamala, Chief Product Officer, Ivanti, when looking at these numbers, cannot stress enough the importance of organizations understanding their attack surface.

“Combating ransomware has been placed at the top of the agenda for world leaders because of the rising toll being placed on organizations, communities and individuals,” said Mukkamala. “It is imperative that all organizations truly understand their attack surface and provide layered security to their organization so they can be resilient in the face of increasing attacks.”

So, let’s look at some of the attack surface vulnerabilities that have been exploited.

The first deals with scanners not detecting all threats. Again, this shows the sophistication of attackers as they evade popular scanners that did not detect 20 vulnerabilities associated with ransomware, according to the study.

Reusing open-source code in software products is replicating vulnerabilities. For example, CVE-2021-45046, an Apache Log4j vulnerability, is present in 93 products from 16 vendors and is exploited by AvosLocker ransomware. Another Apache Log4j vulnerability, CVE-2021-45105, is present in 128 products from 11 vendors and is also exploited by AvosLocker ransomware.

Even the Common Vulnerability Scoring System is proving to be less effective as some might have thought because there is a chance it masks risks. In fact, the study found 57 ransomware-associated vulnerabilities with low and medium-sized scores that are associated with infamous ransomware families

The study also reported that more than three-quarters of vulnerabilities being exploited by ransomware were discovered between 2010 and 2019. In 2022, of the 56 vulnerabilities tied to ransomware, 20 were discovered between 2015 and 2019.

“IT and security teams are being tripped up by open-source, old, and low-scoring vulnerabilities associated with ransomware,” said Aaron Sandeen, CEO and co-founder of CSW and Securin. “IT and security teams will want to scrutinize both in-house and vendor software to identify and remediate vulnerabilities before deploying new solutions and patch existing software as soon as vulnerabilities are announced.”

Ransomware is on the rise, and organizations must act. IT teams need to adopt automated vulnerability discovery and risk scoring platforms to prioritize key exposures by asset impact and criticality and remediate those first. Doing this reduces the organizations’ attack surface.

Edited by Alex Passett
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

MSPToday Editor

Related Articles

ICYMI: What's Happening in the MSP Industry?

By: Greg Tavarez    7/19/2024

Here are a few articles compiled into one for readers interested in developments around the MSP space.

Read More

Global Microsoft Outage Linked to CrowdStrike: What Happened, and What's Next

By: Alex Passett    7/19/2024

A massive global Microsoft outage has reportedly stemmed from a misconfigured update from cybersecurity company CrowdStrike.

Read More

MSPs: When is it Time to Evolve Your Brand, Positioning, and Marketing?

By: Contributing Writer    7/18/2024

From the rise of AI to the increase in cyber attacks and the shift to hybrid offices, dynamic forces are driving stronger demand for managed services.…

Read More

Assuring Top-Notch Cybersecurity: Assura and Stellar Cyber Announce New Partnership

By: Alex Passett    7/18/2024

Assura, Inc. and Stellar Cyber have announced a strategic partnership aimed at bolstering both offensive and defensive cybersecurity capabilities for …

Read More

Unveiling Seismic LLC's Unique Value Proposition: An Interview with Richard Cabelo

By: Rich Tehrani    7/18/2024

Seismic is distinctively purpose-built to empower MSPs, VARs, integrators, OEMs, and distributors with the resources and agility needed to achieve bes…

Read More