Ransomware Index Update Q3 2021

The Ransomware Index Update Q3 2021 continues to show a steady increase in all key ransomware markers. Our ransomware research has identified ransomware groups expanding their attack arsenal with 12 new vulnerability associations in Q3, twice that of the previous quarter.

The Q3 Ransomware Index update highlights the results of our in-depth research related to ransomware groups and the vulnerabilities and weaknesses they go after. The Report also focuses on some of the key trends we have observed and aims to provide organizations the knowledge they need to stay safe from falling victims to such attacks.

The Top Five Findings:

1. The number of vulnerabilities associated with ransomware has increased from 266 to 278 in Q3 2021.
2. There has been a 4.5% increase in trending vulnerabilities that are being actively exploited to mount attacks, taking the total count to 140.
3. With 5 new ransomware families identified in Q3, we now have a total of 151 ransomware families.
4. Ransomware groups continue to find and leverage zero-day vulnerabilities even before the CVEs are added to the National Vulnerability Database (NVD) and patches are released.
5. The total count of older* vulnerabilities associated with ransomware is now 258, which is a whopping 92.4% of all vulnerabilities tied to ransomware.
   *Vulnerabilities identified before 2021 are considered older