Ransomware experienced a stunning surge in prevalence and sophistication throughout the pandemic. Threat actors capitalized on a frequently shaky transition to a remote, digital business landscape. With so many businesses prioritizing basic functionality over proactive security, vulnerabilities have been unprecedented – and very much exploited.

Case in point: In a recent survey, Ivanti found that well over half of respondents (58%) reported that their businesses had been the victim of a ransomware attack in the last year alone. A significant percentage of those respondents said that the attack took weeks, not simply days or hours, to recover from.

Ransomware attacks dominated headlines throughout 2020, but as we round the corner into 2022 it’s imperative that people not let their guard down. Quite the opposite: evidence suggests that ransomware attacks are still rising – and attackers are getting even bolder.

Just released: Q3 survey results

The Ransomware Index Update for Q3 2021 continues to show a steady increase in all key ransomware markers. The headline-grabber: there has been a 4.5% increase in CVEs associated with ransomware and a 3.4% increase in ransomware families over Q2 2021. That’s a notable increase in just one quarter, at a time when many businesses are starting to smooth out their Everywhere Workplace and, apparently, starting to overlook clear risk factors.

The report, a collaboration between Ivanti, Cyber Security Works, and Cyware, also shows a 1.2% increase in older vulnerabilities tied to ransomware compared to Q2 2021.

The analysis uncovered 12 new vulnerabilities tied to ransomware in Q3 2021, bringing the total number of vulnerabilities associated with ransomware to 278. Of the 12 vulnerabilities newly associated with ransomware, five allow remote code execution and two can be used to exploit web applications and be manipulated to launch denial-of-service attacks. The report also revealed that ransomware groups are continuing to find and leverage zero-day vulnerabilities, even before the CVEs are added to the National Vulnerability Database and patches are released. For example, the REvil group discovered and exploited a vulnerability in Kaseya VSA software while the company's security team was actively working on a patch.

The report identified six new active and trending vulnerabilities associated with ransomware, plus three vulnerabilities belonging to 2020 or earlier that became newly associated with ransomware in Q3 2021. It’s clear that ransomware groups are not letting up. They’re continuing to evolve their tactics, rendering the traditional reactive approach more futile than ever.

The solution: a proactive, risk-based approach that identifies and prioritizes vulnerabilities with intelligent data. Chasing after existing threats leaves companies constantly fighting from behind. On the flip side, it’s prohibitively difficult to try to patch and defend against every vulnerability at all times. Automated risk-based intelligence is a tool that businesses can leverage to stay ahead of increasingly sophisticated threats without using up excess human capital.

To read the Ransomware Index Spotlight report in full, click here.
