
Most ransomware attacks rely on exploiting older, unpatched vulnerabilities


Ransomware attackers exploited a dozen new vulnerabilities in campaigns in Q3 2021, bringing the total number of vulnerabilities associated with ransomware to 278, claims a new report.

Compiled by cybersecurity vendor Ivanti, the report reveals that ransomware groups are continuing to grow in sophistication, boldness, and volume, with numbers up across the board since Q2 2021. 

Compared to Q2 2021, it tracked a 4.5% increase in CVEs associated with ransomware in Q3 2021, a similar increase in actively exploited and trending vulnerabilities, and a 3.4% increase in ransomware families.


"Ransomware groups continue to mature their tactics, expand their attack arsenals, and target unpatched vulnerabilities across enterprise attack surfaces,” notes Srinivas Mukkamala, Senior Vice President of Security Products at Ivanti.

Attacking unpatched vulnerabilities

Of the 12 vulnerabilities newly associated with ransomware, five allow remote code execution, and two can be used to exploit web applications and can be manipulated to launch denial-of-service attacks.

Importantly, the report also showed a 1.2% increase in older vulnerabilities tied to ransomware compared to the previous quarter, bringing the total count of older vulnerabilities associated with ransomware to 258. 

This means that a staggering 92.4% of all vulnerabilities tied to ransomware are those that have already been patched.

In fact, Ivanti notes that in Q3 2021, the Cring ransomware group targeted two older vulnerabilities, namely CVE-2009-3960 and CVE-2010-2861, that have had patches for over a decade.

“It’s critical that organizations take a proactive, risk-based approach to patch management and leverage automation technologies to reduce the mean time to detect, discover, remediate, and respond to ransomware attacks and other cyber threats,” concludes Mukkamala.


Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.