Out of 10 key metrics tracked quarterly to establish the state of ransomware activity, only one metric stayed static from Q1 to Q3 2022. The other nine all worsened.

That’s an alarming trend, especially given that many business leaders hoped to see ransomware activity taper off after a historic surge during the peak of the pandemic. 

Ivanti, together with Cyber Security Works and Cyware, collaborated on the just-released report. To inform the report, ransomware data was meticulously collected from multiple data sources known for their accuracy and is continuously updated by the Cyber Security Works and Securin research teams. 

The full report is available and worth a read. Here are a few important takeaways: 

  • The pandemic surge is real ... Since 2019, there has been a 466% growth in the number of vulnerabilities associated with ransomware.            
  • … and it’s not over. A total of 13 new vulnerabilities have become exploitable by ransomware threat actors in the past six months, and the vast majority of those – 11 in total, are from Q3 alone.
  • It’s critical. 10 out of the 13 newly associated vulnerabilities have a “critical” severity rating.
  • Popular scanners aren’t cutting it … Popular scanners, including Nessus, Nexus and Qualys, are not filtering 18 ransomware vulnerabilities.
  • … and the CISA KEV Catalog is incomplete. The Known Exploited Vulnerabilities (KEV) catalog from CISA is missing at least 124 ransomware vulnerabilities.
  • Three industries are the hardest hit. Healthcare, energy and critical manufacturing are at particular risk from 16 ransomware vulnerabilities exploited by some of the most notorious ransomware operators. 
  • Ransomware needs human interaction and phishing as the only attack vector is a myth. Ransomware attack vectors have evolved and are now targeting remote access services, software weaknesses and cloud applications.
  • 57 vulnerabilities can facilitate a MITRE ATT&CK complete kill chain from initial access to exfiltration, making them extremely dangerous as ransomware attackers could use them to take down their victims. 
  • New ransomware families are emerging constantly. Several new ransomware families have emerged over the last six months, making it essentially impossible to keep pace without a comprehensive, proactive and risk-based strategy.

The full report contains essential details, including information on the new ransomware families; affected vendors and products; key trends; and more intelligent insights. Ransomware operators are fully up to speed on what’s happening. That means you should be, too.