Experts say ransomware hackers are digging into archives looking for old vulnerabilities that can be exploited in new attacks.
A new report recently published by Cyber Security Works, Ivanti, Cyware and Securin showed that for ransomware operators “old is still gold” as more than three-quarters (76%) of all vulnerabilities used in ransomware attacks between 2010 and 2019 were discovered .
Last year, of the 56 vulnerabilities that were used to deploy malware, 20 (35%) were discovered between 2015 and 2019.
You’re looking for holes
To deploy ransomware, attackers need to find a vulnerability that allows them to install malicious code remotely, disable any firewall or antivirus solutions that victims may have installed on their endpoints, and cover their tracks during encryption.
A useful vulnerability can be found everywhere, from the operating system (OS), to any programs victims may have installed on their devices, to any connected devices such as routers, printers, smart home appliances, and the like.
While security researchers as well as hardware and software vendors try to discover these vulnerabilities before they are exploited and release a patch to plug the vulnerability, users are often not so quick. As a result, many devices are still vulnerable to years of failure. Older vulnerabilities are arguably more dangerous than newly discovered ones because there is already a proof of concept and compromise methodology developed. All the attackers need to do in this case is find a vulnerable device.
According to the study, 56 new vulnerabilities used to deploy malware were discovered last year, out of 344 vulnerabilities discovered in 2022 – an increase of 19% year-on-year.
“Ransomware is a priority for every organization, both in the private and public sectors,” said Srinivas Mukkamala, Ivanti’s chief product officer. “Fighting ransomware has topped the list of priorities for world leaders due to the growing toll of organizations, communities and individuals. It is imperative that all organizations truly understand their attack surface and provide their organizations with multi-layered security to be resilient against the increasing number of attacks.”
- Here is a compilation of the best firewalls (opens in a new tab) at this point