Ransomware Index Report Q1 2022

The Ransomware Index Update Q1 2022 documents our continued investigation of ransomware groups and their weaponry of choice. In this index update, we highlight key index numbers that have changed since we published the Ransomware Spotlight Report 2022 in January 2022.

In this report, we provide a look into the current ransomware ecosystem, along with our insights and early warning predictions of highly targeted attack vectors. Our goal in publishing this Ransomware Index Update is to help organizations understand the true risk posed by rapidly evolving ransomware groups, and provide actionable learnings that organizations can use to strengthen their security posture and chart a strong defensive roadmap to counter these threats.

Top Five Findings

• 22 new vulnerabilities and 9 new weaknesses have been associated with ransomware since January 2022.
• 141 of CISA’s Known Exploited Vulnerabilities (KEVs) are being used by ransomware operators including 18 newly identified this quarter.
• 11 vulnerabilities tied to ransomware are undetected by popular scanners.
• 3 new APT groups (Exotic Lily, APT 35, DEV-0401) and 4 new ransomware families (AvosLocker, Karma, BlackCat, Night Sky) are deploying ransomware to attack their targets.
• Data gaps in CWE, CAPEC, and MITRE about vulnerabilities are handicapping security researchers while enabling attackers to stealthily enter unsuspecting organizational networks.