Ransomware Takes its Toll on Organizations in 2022

Ransomware Takes its Toll on Organizations in 2022

By Greg Tavarez

Ransomware attacks continue to gain attention due to their increased sophistication and the widespread impacts they have. Hackers are constantly developing new methods to deliver ransomware, such as using social engineering tactics to trick users into clicking on malicious links or downloading infected files. Look at the high-profile incidents involving large organizations and critical infrastructure, as of late.

These incidents raise concerns about the potential impact of ransomware on national security and the need for improved cybersecurity measures to prevent and respond to such attacks. Even with these concerns, attackers are weaponizing and exploiting newly discovered, neglected or old, or resurrected vulnerabilities through ransomware attacks.

In fact, a report from Cyber Security Works, Ivanti, Cyware and Securin reveals the toll that ransomware had on organizations globally in 2022. The study identifies 56 new vulnerabilities associated with ransomware threats among a total of 344 threats identified in 2022—marking a 19% increase year-over-year.

Threat actors are also actively searching the internet and deep and dark web for 180 vulnerabilities known to be associated with ransomware. In the last quarter of 2022, these groups used ransomware to exploit 21 of these vulnerabilities, according to the study.

Srinivas Mukkamala, Chief Product Officer, Ivanti, when looking at these numbers, cannot stress enough the importance of organizations understanding their attack surface.

“Combating ransomware has been placed at the top of the agenda for world leaders because of the rising toll being placed on organizations, communities and individuals,” said Mukkamala. “It is imperative that all organizations truly understand their attack surface and provide layered security to their organization so they can be resilient in the face of increasing attacks.”

So, let’s look at some of the attack surface vulnerabilities that have been exploited.

The first deals with scanners not detecting all threats. Again, this shows the sophistication of attackers as they evade popular scanners that did not detect 20 vulnerabilities associated with ransomware, according to the study.

Reusing open-source code in software products is replicating vulnerabilities. For example, CVE-2021-45046, an Apache Log4j vulnerability, is present in 93 products from 16 vendors and is exploited by AvosLocker ransomware. Another Apache Log4j vulnerability, CVE-2021-45105, is present in 128 products from 11 vendors and is also exploited by AvosLocker ransomware.

Even the Common Vulnerability Scoring System is proving to be less effective as some might have thought because there is a chance it masks risks. In fact, the study found 57 ransomware-associated vulnerabilities with low and medium-sized scores that are associated with infamous ransomware families

The study also reported that more than three-quarters of vulnerabilities being exploited by ransomware were discovered between 2010 and 2019. In 2022, of the 56 vulnerabilities tied to ransomware, 20 were discovered between 2015 and 2019.

“IT and security teams are being tripped up by open-source, old, and low-scoring vulnerabilities associated with ransomware,” said Aaron Sandeen, CEO and co-founder of CSW and Securin. “IT and security teams will want to scrutinize both in-house and vendor software to identify and remediate vulnerabilities before deploying new solutions and patch existing software as soon as vulnerabilities are announced.”

Ransomware is on the rise, and organizations must act. IT teams need to adopt automated vulnerability discovery and risk scoring platforms to prioritize key exposures by asset impact and criticality and remediate those first. Doing this reduces the organizations’ attack surface.

Edited by Alex Passett
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

MSPToday Editor

Related Articles

Kong's New Dedicated Cloud Gateways: Fully Managed for Optimal Efficiency

By: Greg Tavarez    10/3/2023

Kong introduced Kong Konnect Dedicated Cloud Gateways, which offers a straightforward and budget-friendly approach to deploying Kong Gateways in the c…

Read More

Kterio and eSentire Team Up to Protect Critical Infrastructure from Cyber Threats

By: Greg Tavarez    9/29/2023

Combined, eSentire and Kterio are positioned to deliver a 24/7 full-scale solution to support teams in charge of critical infrastructure firms.

Read More

GoSecure Signs on as a Silver Sponsor for MSP Expo 2024, Part of the #TECHSUPERSHOW

By: TMCnet News    9/29/2023

Leading Communications and Technology Event Returns to Florida for the 24th Consecutive Year.

Read More

Gaichu Managed Services and Overwatch by High Wire Networks Bring Advanced Cybersecurity Solutions to US

By: Greg Tavarez    9/28/2023

Gaichu Managed Services is bringing 24/7 monitoring and rapid response capabilities to SMBs through a partnership with High Wire Networks' Overwatch M…

Read More

Stamus Networks Expands Reach Through Ayscom Reseller Pact

By: Greg Tavarez    9/28/2023

Stamus Networks expanded its reach to Spain and Portugal through a reseller agreement with Ayscom.

Read More