Security News > 2022 > January > Ransomware families becoming more sophisticated with newer attack methods
Unpatched vulnerabilities remain the most prominent attack vectors exploited by ransomware groups.
The analysis uncovered 65 new vulnerabilities tied to ransomware last year, representing a 29% growth compared to the previous year and bringing the total number of vulnerabilities associated with ransomware to 288.
With 157 ransomware families exploiting 288 vulnerabilities, ransomware groups are poised to wage rampant attacks in the coming years.
Srinivas Mukkamala, SVP of Security Products at Ivanti, said: "Ransomware groups are becoming more sophisticated, and their attacks more impactful. These threat actors are increasingly leveraging automated tool kits to exploit vulnerabilities and penetrate deeper into compromised networks. They are also expanding their targets and waging more attacks on critical sectors, disrupting daily lives and causing unprecedented damage. Organizations need to be extra vigilant and patch weaponized vulnerabilities without delays. This requires leveraging a combination of risk-based vulnerability prioritization and automated patch intelligence to identify and prioritize vulnerability weaknesses and then accelerate remediation."
Anuj Goel, CEO at Cyware, said, "The substantive change we've observed across the ransomware landscape is that the attackers are looking to penetrate processes like patch deployment as much as they look for gaps in protection to penetrate systems. Vulnerability discovery must be met with an action that treats vulnerability data as intelligence to drive swift response decisions. As ransomware gangs operationalize their tooling, methods and target lists, its essential for SecOps teams to automate processes to self-heal vulnerable assets and systems to mitigate risk through real-time intelligence operationalization."
Aaron Sandeen, CEO of Cyber Security Works, said, "Ransomware is devastating to customers and employees in every sector! In 2022, we will continue to see an increase in new vulnerabilities, exploit types, APT groups, ransomware families, CWE categories, and how old vulnerabilities are leveraged to exploit organizations. Leaders need innovative and predictive help to prioritize and remediate ransomware threats."
News URL
https://www.helpnetsecurity.com/2022/01/28/new-ransomware-families/
Related news
- Lessons from a Ransomware Attack against the British Library (source)
- Jackson County in state of emergency after ransomware attack (source)
- Panera Bread week-long IT outage caused by ransomware attack (source)
- The Week in Ransomware - April 5th 2024 - Virtual Machines under Attack (source)
- How can the energy sector bolster its resilience to ransomware attacks? (source)
- The Drop in Ransomware Attacks in 2024 and What it Means (source)
- Change Healthcare faces second ransomware dilemma weeks after ALPHV attack (source)
- Daixin ransomware gang claims attack on Omni Hotels (source)
- Change Healthcare’s ransomware attack costs edge toward $1B so far (source)
- United Nations agency investigates ransomware attack, data theft (source)