The pace of ransomware weaponization quickens

by FutureCIO Editors
May 25, 2022
Photo by Nikita Belokhonov from Pexels: https://www.pexels.com/photo/anonymous-hacker-with-on-laptop-in-white-room-5829726/

The Ransomware Index Report identified a 7.6% increase in the number of vulnerabilities tied to ransomware in Q1 2022, with the Conti ransomware group exploiting most of those vulnerabilities. The report uncovered 22 new vulnerabilities tied to ransomware (bringing the total to 310). 19 of those vulnerabilities are connected to Conti, a prolific ransomware group that pledged support for the Russian government following the invasion of Ukraine.

Source: Ransomware Index Report Q1 2022, Ivanti

The report also revealed a 7.5% increase in APT groups associated with ransomware, a 6.8% increase in actively exploited and trending vulnerabilities and a 2.5% increase in ransomware families.

Analysis revealed that three new Advanced Persistent Threat (APT) groups (Exotic Lily, APT 35, DEV-0401) started using ransomware to attack their targets, 10 new active and trending vulnerabilities became associated with ransomware (bringing the total to 157) and four new ransomware families (AvosLocker, Karma, BlackCat, Night Sky) became active in Q1 2022.

Faster weaponization of vulnerabilities

Source: Ransomware Index Report Q1 2022, Ivanti

Additionally, the report revealed that ransomware operators continued to weaponize vulnerabilities faster than ever before and target those that create maximum disruption and impact. This increased sophistication by ransomware groups has resulted in vulnerabilities being exploited within eight days of patches being released by vendors.

It also means that any minor laxity in security measures by third-party vendors and organisations is sufficient for ransomware groups to enter and infiltrate vulnerable networks. To make matters worse, some of the most popular scanners are not detecting several key ransomware vulnerabilities.

The research revealed that over 3.5% of ransomware vulnerabilities are being missed, exposing organisations to grave risks.

Aaron Sandeen, CEO of Cyber Security Works, said, "The fact that scanners are not detecting critical ransomware vulnerabilities is a huge problem for organisations. The good news is that in this quarter, we saw the number coming down."

This means that scanner companies are taking this seriously. That said, there are still 11 ransomware vulnerabilities that the scanners are not detecting, five of which are rated critical and associated with notorious ransomware gangs like Ryuk, Petya and Locky.

Further handicapping security and IT teams are gaps that exist within the National Vulnerability Database (NVD), the Common Attack Pattern Enumeration and Classification (CAPEC) list by The MITRE Corporation and the Known Exploited Vulnerabilities (KEVs) catalogue by the US Cybersecurity and Infrastructure Security Agency (CISA).

The report revealed that the NVD is missing Common Weakness Enumerations (CWEs) for 61 vulnerabilities, while the CAPEC list is missing CWEs for 87 vulnerabilities. On average, a ransomware vulnerability is added to the NVD a week after being disclosed by a vendor. 169 vulnerabilities with ransomware associations have yet to be added to the CISA KEV list. Meanwhile, hackers worldwide are actively targeting 100 of these vulnerabilities, scouting organisations for one unpatched instance to exploit.

Srinivas Mukkamala, senior vice president & general manager of security products at Ivanti, cautioned that threat actors are increasingly targeting flaws in cyber hygiene, including legacy vulnerability management processes.

He noted that many security and IT teams struggle to identify the real-world risks that vulnerabilities pose and therefore improperly prioritise vulnerabilities for remediation.

For example, many only patch new vulnerabilities or those that have been disclosed in the NVD. Others only use the Common Vulnerability Scoring System (CVSS) to score and prioritise vulnerabilities.

"To better protect organisations against cyberattacks, security and IT teams need to adopt a risk-based approach to vulnerability management. This requires AI-based technology that can identify enterprise exposures and active threats, provide early warnings of vulnerability weaponization, predict attacks and prioritise remediation activities," he elaborated.

Threat to healthcare systems

The report also analysed 56 vendors that supply healthcare applications, medical devices and hardware used in hospitals and healthcare centres and uncovered 624 unique vulnerabilities in their products.

Forty of those vulnerabilities have public exploits and two vulnerabilities (CVE-2020-0601 and CVE-2021-34527) are associated with four ransomware operators (BigBossHorse, Cerber, Conti and Vice Society).

Unfortunately, this could indicate that the healthcare industry may be targeted more aggressively by ransomware attacks in the coming months.

Cyware co-founder and CEO Anuj Goel warns that ransomware is now one of the most predominant attack vectors affecting the bottom line of organisations globally.

He added that the Q1 report underscores the fact with new numbers that show an increase in the number of ransomware vulnerabilities and the APTs using ransomware. However, one of the major concerns that have surfaced is the lack of complete threat visibility for security teams owing to cluttered threat intelligence available across sources.

"If security teams must mitigate ransomware attacks proactively, they must tie their patch and vulnerability response to a centralised threat intelligence management workflow that drives complete visibility into the shape-shifting ransomware attack vectors through multi-source intelligence ingestion, correlation and security actioning," he concluded.
