Ivanti, the provider of the Ivanti Neurons automation platform that discovers, manages, secures, and services IT assets from cloud to edge, today announced the results of the Q3 2021 Ransomware Index Spotlight Report that it conducted with Cyber Security Works and Cyware, the leading provider of Cyber Fusion, next-generation SOAR and threat intelligence solutions. The report revealed that ransomware groups are continuing to grow in sophistication, boldness, and volume, with numbers up across the board since Q2 2021.
The report also identified six new active and trending vulnerabilities associated with ransomware, bringing the total to 140, and five new ransomware families, bringing the total to 151. And these new ransomware groups quickly capitalized on some of the most dangerous vulnerabilities trending in the wild, such as PrintNightmare, PetitPotam and ProxyShell, in Q3. The analysis also revealed that ransomware groups are leveraging newer, more sophisticated techniques, such as dropper-as-a-service and trojan-as-a-service, in attacks. Dropper-as-a-service allows newbie threat actors to distribute malware through programs that, when run, can execute a malicious payload onto a victim’s computer. Trojan-as-a-service, also called malware-as-a-service, enables anyone with an internet connection to obtain and deploy customized malware in the cloud, with zero installation.
Srinivas Mukkamala, Senior Vice President of Security Products at Ivanti, said: “Ransomware groups continue to mature their tactics, expand their attack arsenals, and target unpatched vulnerabilities across enterprise attack surfaces. With this report, we aim to help organizations realize the security risk and vulnerability exposure of their environments and endpoints and provide actionable intelligence to remediate faster. It’s critical that organizations take a proactive, risk-based approach to patch management and leverage automation technologies to reduce the mean time to detect, discover, remediate, and respond to ransomware attacks and other cyber threats.”
Anuj Goel, CEO at Cyware said, “This research underscores that ransomware is continuing to evolve and is becoming more dangerous based on the catastrophic damage it can inflict on target organizations. What is more complex for many organizations is the inability of vertical industries to rapidly share specific IOC’s irrespective of their industry, in a way that is easy to curate, operationalize and disseminate to take action before an attack hits. Managing organizational risk means companies should be looking to a collective defense strategy to have continuously visibility into the attack and risk surfaces respectively, to reduce huge losses to reputation, customers, and finances. The more that cyber teams can tie into IT automation and processes, the better and more efficient they’ll be in countering ransomware.”
