Cyber Security Works Ransomware Index Report found that 13 vulnerabilities have become newly associated with Ransomware in 2022 Q2/Q3.
Published in collaboration with Securin, Ivanti, and Cyware, the report highlights many key index numbers in relation to ransomware threats.
The top five takeaways from this report include –
Apart from these key findings, the report also highlights CSW’s research on Common Weakness Enumeration (CWEs) that are contributing vulnerabilities to ransomware operators. An overall of 16 new CWE categories has started contributing vulnerabilities that attackers are adopting. The top three CWEs include – CWE-917, CWE-943, and CWE-610, which highlights the need for product companies and vendors to shift left and test their products thoroughly before launching them.
The report also has a special snapshot section that highlights the investigation of threats faced by 16 Industrial Contol systems (ICS) critical infrastructure sectors. We found that 12 ICS sectors are at risk from ransomware, and among them, Healthcare, Energy, and Critical Manufacturing sectors are at maximum risk from ransomware attackers.
“Ransomware menace continues to grow. We have seen a 466% growth in the count of ransomware vulnerabilities in the past few years. Through this data and research, we have enabled many of our customers to gain resilience through our Vulnerability Intelligence and ASM, providing them a hacker’s view of their attack surface,” Aaron Sandeen, CEO, and Co-founder of CSW said on the findings.
The report also provides interesting insights into CSW’s MITRE mapping analysis and many trends that have been red-flagged by the experts.
For organizations and product companies, this report provides a handy appendix of ransomware vulnerabilities that are not being detected by popular scanners, Ransomware family IOCs and also top 10 vulnerabilities that have the highest likelihood of exploitation.
Adding to this, Sandeen said, “We have been ahead of the game in the past year, warning our customers about vulnerabilities way ahead of CISA. Our predictive threat intelligence platform (Securin VI) has been able to warn customers of threats way before they were adopted by threat groups and ransomware operators.”
To download the full report, please click HERE.
Tune in to hear from Chris Brown, Vice President of Sales at CADDi, a leading manufacturing solutions provider. We delve into Chris’ role of expanding the reach of CADDi Drawer which uses advanced AI to centralize and analyze essential production data to help manufacturers improve efficiency and quality.