Ivanti, a cyber security solutions provider, has said that the number of ransomware-related vulnerabilities has gone down by 7.6 per cent to 310 in the first quarter of 2022 as against 288 in the same quarter of 2021.

The Ransomware Index Report Q1 2022 published by Invanti has disclosed 22 new vulnerabilities tied to ransomware. After gaining access to a PC or a network using social engineering techniques, hackers steal or encrypts the data and demand ransom from the victims to release it.

The number of actively exploited and trending vulnerabilities has gone up to 157 in the given quarter as against 147 in the comparable quarter last year, depicting a growth of 6.8 per cent.

“All of these vulnerabilities have patches, mitigations or workarounds available. Organisations are recommended to apply fixes before it is too late,” an Invanti executive has said.

The newly added vulnerabilities include three of critical severity, one of medium-severity and 18 as of the high severity. The report has identified three new Advanced Persistent Threat (APT) groups that are using ransomware to invade organisational networks. “We now have 43 APT groups deploying ransomware in their attacks, recording an increase of 7.5 per cent.”

Russia-Ukraine war

The recent cyberwar sparked by the Russia-Ukraine conflict saw the use of a large number of malware and ransomware threats from APT groups against nations supporting the warring countries. “We also saw Conti ransomware operators openly pledging support to Russia and vowing to take down the critical infrastructure of Russia’s enemies,” the report said.

The ransomware operators continued to weaponise vulnerabilities faster than ever before and targeted those that created maximum disruption and impact.

“This increased sophistication by ransomware groups has resulted in vulnerabilities being exploited within eight days of patches being released by vendors,” it said. This means that any minor laxity in security measures by third-party vendors and organisations is sufficient for ransomware groups to enter and infiltrate vulnerable networks. To make matters worse, many popular scanners are not detecting several key ransomware vulnerabilities.

The research has revealed that over 3.5 per cent of ransomware vulnerabilities are being missed (in scanning), exposing organisations to grave risks.

“Threat actors are increasingly targeting flaws in cyber hygiene, including legacy vulnerability management processes. Today, many security and IT teams struggle to identify the real-world risks that vulnerabilities pose and therefore, improperly prioritise them for remediation,” said Srinivas Mukkamala, Senior Vice-President and General Manager of Security Products at Ivanti.