Ransomware: Through the Lens of Threat and Vulnerability Management

Since we published our 2021 Spotlight Report and index updates (1, 2, and 3) that highlighted key metrics, we have been tracking ransomware threats. We have been able to warn organizations and product vendors about ransomware threats and the specific vulnerabilities these threats are targeting through these reports.

This report brings you trends that we have noticed in the past year regarding the type of vulnerabilities that the attackers are going after, the CWEs that are churning out the most number of weaknesses, and the myriad ways in which ransomware is being used to attack organizations.

This year, we have partnered with two companies to bring forth this report—Ivanti and Cyware. This joint effort exponentially expands our efforts to provide organizations with critical insights into ransomware threats.

Executive Summary

Our dynamic and continued ransomware research focuses on vulnerabilities and the methods used by ransomware groups to instigate crippling attacks. In 2021, we noticed ransomware groups continue to leverage any gaps in software weaknesses, from scouting for yet-to-be recognized vulnerabilities to those that fly under the radar, weaponizing them in record time. We also observed a definitive intent to broaden their attack sphere, focusing their efforts on newer ways to compromise organizational networks and fearlessly trigger high-impact assaults.

In the wake of growing ransomware threats, a commissioned study conducted by Forrester Consulting on behalf of Cyware indicates organizations are looking to improve threat detection, incident response, and data accessibility amongst teams and automate security processes while unifying cybersecurity solutions. Furthermore, they are willing to invest in solutions that offer threat intelligence, incident response, case management, intelligence sharing, and vulnerability assessment in the coming year. Our ransomware research serves as the first step in this direction.

This Spotlight Report provides actionable insights and data that help security teams prioritize patching. This report provides high-level insights—for leaders and their organizations—that could shape future decisions and help defend their environment from crippling attacks.