Most ransomware attacks rely on exploiting older, unpatched vulnerabilities

News
By published

Businesses should take a proactive approach to patch management, experts say

security
(Image credit: Shutterstock / Askobol)

Ransomware attackers exploited a dozen new vulnerabilities in campaigns in Q3 2021, bringing the total number of vulnerabilities associated with ransomware to 278, claims a new report.

Compiled by cybersecurity vendor Ivanti, the report reveals that ransomware groups are continuing to grow in sophistication, boldness, and volume, with numbers up across the board since Q2 2021. 

It tracked a 4.5% increase in CVEs associated with ransomware in Q3 2021, along with a similar increase in actively exploited and trending vulnerabilities, along with a 3.4% increase in ransomware families, as compared to Q2 2021. 

TechRadar needs you!

We're looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we'd hugely appreciate if you'd share your experiences with us.

>> Click here to start the survey in a new window <<

"Ransomware groups continue to mature their tactics, expand their attack arsenals, and target unpatched vulnerabilities across enterprise attack surfaces,” notes Srinivas Mukkamala, Senior Vice President of Security Products at Ivanti.

Attacking unpatched vulnerabilities

Out of the 12 vulnerabilities newly associated with ransomware, five are capable of remote code execution attacks, and two are capable of exploiting web applications and being manipulated to launch denial-of-service attacks.

Importantly, the report also showed a 1.2% increase in older vulnerabilities tied to ransomware compared to the previous quarter, bringing the total count of older vulnerabilities associated with ransomware to 258. 

This means that a staggering 92.4% of all vulnerabilities tied to ransomware are those that have already been patched..

In fact, Ivanti notes that In Q3 2021, the Cring ransomware group targeted two older vulnerabilities, namely CVE-2009-3960 and CVE-2010-2861, that have had patches for over a decade.

“It’s critical that organizations take a proactive, risk-based approach to patch management and leverage automation technologies to reduce the mean time to detect, discover, remediate, and respond to ransomware attacks and other cyber threats,” concludes Mukkamala.

Build a digital moat around your network using one of these best firewall apps and services, and protect your computers against all kinds of cyber-attacks with these best endpoint protection tools

Mayank Sharma
Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

Read more
A person at a laptop with a cybersecure lock symbol floating above it.
Hackers are still using old Ivanti bugs to break into networks
Hacker Typing
Racing against time on a menacing caldera: survey finds majority of organizations take days to tackle critical vulnerabilities, each of them a potential open goal for cybercriminals
Representational image depecting cybersecurity protection
Ivanti reveals major security update, so make sure you're protected
A laptop with a red screen with a white skull on it with the message: &quot;RANSOMWARE. All your files are encrypted.&quot;
More reports claim 2024 was the worst year for ransomware attacks yet
ransomware avast
“Every organization is vulnerable” - ransomware dominates security threats in 2024, so how can your business stay safe?
Android phone malware
Over 25 new malware variants created every single hour as smart device cyberattacks more than double in 2024
Latest in Security
ransomware avast
Ransomware attacks are costing Government offices a month of downtime on average
Lock on Laptop Screen
Data breach at Pennsylvania education union potentially exposes 500,000 victims
Data leak
Top collectibles site leaks personal data of nearly a million users
Spyware
Stalkerware data breach potentially hits over 2 million users, including thousands of Apple devices
An American flag flying outside the US Capitol building against a blue sky
Five Eyes "cannot replace US intel in Ukraine", claims former US Cyber Command Chief
Pirate skull cyber attack digital technology flag cyber on on computer CPU in background. Darknet and cybercrime banner cyberattack and espionage concept illustration.
Criminals are using a virtual hard disk image file to host and distribute dangerous malware
Latest in News
Apple iPhone 16 Pro Max REVIEW
The latest batch of leaked iPhone 17 dummy units appear to show where glass meets metal on the new designs
Hornet swings their weapon in mid air
Hollow Knight: Silksong could potentially launch this year and I reckon it could be a great game for an Xbox handheld
ransomware avast
Ransomware attacks are costing Government offices a month of downtime on average
Cassian looking at someone off-camera from a TIE fighter cockpit in Andor season 2
Star Wars: Andor creator is taking a stance against AI by canceling plans to release its scripts, and I completely get why
Nintendo x Seattle Mariners partnership
The Nintendo Switch 2 logo will be featured on the Seattle Mariners' baseball jerseys this season
Apple iPhone 16 Pro Max Review
Siri's chances to beat ChatGPT just got a whole lot better
More about security
ransomware avast

Ransomware attacks are costing Government offices a month of downtime on average
Data leak

Top collectibles site leaks personal data of nearly a million users
Apple iPhone 16 Pro Max REVIEW

The latest batch of leaked iPhone 17 dummy units appear to show where glass meets metal on the new designs
See more latest
Most Popular
Apple iPhone 16 Pro Max REVIEW
The latest batch of leaked iPhone 17 dummy units appear to show where glass meets metal on the new designs
SanDisk Slim Dual Drive
This is the first 2TB dual-port external SSD ever and it's not as expensive as you may think
Bimawen B15.6 TV Pro
A sign of things to come? This portable monitor comes with Google TV, a remote control and a very well hidden Android PC
Cassian looking at someone off-camera from a TIE fighter cockpit in Andor season 2
Star Wars: Andor creator is taking a stance against AI by canceling plans to release its scripts, and I completely get why
Kioxia LC9 2.5 SSD
After 7 years, Exadrive's 100TB 2.5-inch SSD is finally superseded by a far superior 122.88TB model from Kioxia
Nintendo x Seattle Mariners partnership
The Nintendo Switch 2 logo will be featured on the Seattle Mariners' baseball jerseys this season
ransomware avast
Ransomware attacks are costing Government offices a month of downtime on average
Beatles&#039; Abbey Road streaming on Qobuz, on a smartphone
Qobuz reveals how much it really pays per stream, and I want to see more of this transparency to help us spend money more ethically
Apple iPhone 16 Pro Max Review
Siri's chances to beat ChatGPT just got a whole lot better
Data leak
Top collectibles site leaks personal data of nearly a million users