Ransomware Takes its Toll on Organizations in 2022

Ransomware Takes its Toll on Organizations in 2022

By Greg Tavarez

Ransomware attacks continue to gain attention due to their increased sophistication and the widespread impacts they have. Hackers are constantly developing new methods to deliver ransomware, such as using social engineering tactics to trick users into clicking on malicious links or downloading infected files. Look at the high-profile incidents involving large organizations and critical infrastructure, as of late.

These incidents raise concerns about the potential impact of ransomware on national security and the need for improved cybersecurity measures to prevent and respond to such attacks. Even with these concerns, attackers are weaponizing and exploiting newly discovered, neglected or old, or resurrected vulnerabilities through ransomware attacks.

In fact, a report from Cyber Security Works, Ivanti, Cyware and Securin reveals the toll that ransomware had on organizations globally in 2022. The study identifies 56 new vulnerabilities associated with ransomware threats among a total of 344 threats identified in 2022—marking a 19% increase year-over-year.

Threat actors are also actively searching the internet and deep and dark web for 180 vulnerabilities known to be associated with ransomware. In the last quarter of 2022, these groups used ransomware to exploit 21 of these vulnerabilities, according to the study.

Srinivas Mukkamala, Chief Product Officer, Ivanti, when looking at these numbers, cannot stress enough the importance of organizations understanding their attack surface.

“Combating ransomware has been placed at the top of the agenda for world leaders because of the rising toll being placed on organizations, communities and individuals,” said Mukkamala. “It is imperative that all organizations truly understand their attack surface and provide layered security to their organization so they can be resilient in the face of increasing attacks.”

So, let’s look at some of the attack surface vulnerabilities that have been exploited.

The first deals with scanners not detecting all threats. Again, this shows the sophistication of attackers as they evade popular scanners that did not detect 20 vulnerabilities associated with ransomware, according to the study.

Reusing open-source code in software products is replicating vulnerabilities. For example, CVE-2021-45046, an Apache Log4j vulnerability, is present in 93 products from 16 vendors and is exploited by AvosLocker ransomware. Another Apache Log4j vulnerability, CVE-2021-45105, is present in 128 products from 11 vendors and is also exploited by AvosLocker ransomware.

Even the Common Vulnerability Scoring System is proving to be less effective as some might have thought because there is a chance it masks risks. In fact, the study found 57 ransomware-associated vulnerabilities with low and medium-sized scores that are associated with infamous ransomware families

The study also reported that more than three-quarters of vulnerabilities being exploited by ransomware were discovered between 2010 and 2019. In 2022, of the 56 vulnerabilities tied to ransomware, 20 were discovered between 2015 and 2019.

“IT and security teams are being tripped up by open-source, old, and low-scoring vulnerabilities associated with ransomware,” said Aaron Sandeen, CEO and co-founder of CSW and Securin. “IT and security teams will want to scrutinize both in-house and vendor software to identify and remediate vulnerabilities before deploying new solutions and patch existing software as soon as vulnerabilities are announced.”

Ransomware is on the rise, and organizations must act. IT teams need to adopt automated vulnerability discovery and risk scoring platforms to prioritize key exposures by asset impact and criticality and remediate those first. Doing this reduces the organizations’ attack surface.

Edited by Alex Passett
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

MSPToday Editor

Related Articles

Mutare Brings Together Cybersecurity Community to Raise Vishing Awareness

By: Greg Tavarez    3/28/2023

Mutare is collaborating with government agencies, business coalitions and private industry in an educational campaign to raise awareness of the risks …

Read More

Only 15% of Organizations Deemed Mature Enough to Defend Against Cybersecurity Risks

By: Greg Tavarez    3/28/2023

Fifteen percent of organizations globally have the maturity level of readiness needed to be resilient against today's modern cybersecurity risks, acco…

Read More

Opti9 Offerings Strengthen Veeam Customers' Security Stacks

By: Greg Tavarez    3/28/2023

Opti9 introduced its standalone offerings for Veeam, which are managed services for Veeam Software and its AI-based ransomware detection and remediati…

Read More

How Businesses are Navigating Migrations and Marketplace Shifts

By: Alex Passett    3/28/2023

Westcon-Comstor recently published a report that explored challenges found amongst shifting subscription and recurring revenue models for businesses.

Read More

Cybersecurity Essentials: BSA Expands Managed Security Solutions

By: Alex Passett    3/24/2023

Bridge Security Advisors (BSA) has announced an addition to its Essential Security Solution (ESS): the Managed Security Solution (MSS) offering.

Read More