Ransomware: Most attacks exploit old vulnerabilities, and large companies experience several daily

Ransomware attacks, contrary to what it may seem, in most cases take advantage of old vulnerabilities that have not yet been patched at the companies where the attacks occur. According to a report from the cybersecurity provider Ivanti, in the third quarter of 2021 attackers exploited a dozen new vulnerabilities, bringing the number of those associated with ransomware to 278. This data confirms the point above: although ransomware groups are increasingly numerous, clever and sophisticated, they continue to use vulnerabilities that have been known for a long time.

In that period, vulnerabilities associated with ransomware rose 4.5%. The most common and most exploited vulnerabilities in the period registered a similar increase, while ransomware families were up 3.4% from the previous quarter. Of the dozen new vulnerabilities, five allow remote code execution, and two can be used to exploit web applications and can be manipulated to launch denial-of-service attacks.

Furthermore, old vulnerabilities associated with ransomware were up 1.2% compared to the previous three months, bringing the number of vulnerabilities associated with ransomware to 258. Therefore, no fewer than 92.4% of all vulnerabilities related to ransomware are old, and patches exist for them.

According to Srinivas Mukkamala, Vice President of Security Products at Ivanti, «Ransomware groups continue to mature their tactics, increasing their attack arsenals and targeting unpatched vulnerabilities within surface enterprise attacks. It is critical that organizations take a proactive, risk-based approach to patch management, leveraging automation technologies to reduce the time they spend detecting, discovering, remediating, and responding to ransomware attacks and other threats.»

Meanwhile, according to another cybersecurity report, in this case from the email security company Mimecast and based on a survey of 742 professionals from around the world, close to 80% of companies worldwide have suffered a ransomware attack in the last two years. Of these, many have had to cope with and stop up to four attacks each day.

While companies experienced an average of 3,000 ransomware attacks, it is large companies, that is, those with more than 5,000 employees, that have endured the most attacks of this type, with almost 10,000 in that period. Of the total, the most numerous were carried out through phishing emails with attached files containing ransomware (54%). They are followed by web security, with 47%, and phishing emails that lead to an external download (45%).