Ransomware Spotlight Report 2021: 223 Vulnerabilities tied to Ransomware

Posted on Feb 13, 2021 | By Sumeetha Manikandan

Cyber Security Works (CSW), a leader in Attack Surface Management and an official CVE Numbering Authority (CNA), partnered with RiskSense® - a pioneering risk-based vulnerability management and prioritization to release a new Ransomware Spotlight Report “Ransomware Through the Lens of Threat and Vulnerability Management”.

This is the most definitive report about ransomware research delving deep into vulnerabilities that are enabling these attacks. It also provides an in-depth view of different ransomware families; APT groups and the nation states they are linked to. It also highlights the affiliate business model of Ransomware as a Service and the ransomware packages that are sold in the dark web enabling threat actors to easily launch cyber-attacks.

Among the report’s key findings, it was found that total vulnerabilities associated with ransomware quadrupled from 57 in our 2019 research to 223 in 2020

Software-as-a-service (SaaS) applications emerged as a new target for ransomware, and had the highest count of vulnerabilities that were seen trending with active exploits. 

Five Foundational Code Weakness that are exploited by Ransomware, which will provide Indian software industry and the developer community with insights into what vulnerabilities they are introducing into software that’s being shipped out of India.

Eight nation states are linked to advanced persistent threat (APT) groups who are incorporating ransomware as their arsenal to launch offensive cyber attacks. Eight APT groups (APT 1, APT10, APT40, APT41, Cycldek, Naikon, Rocke, Wizard Spider) are state sponsored by China to launch ransomware attacks on critical organizations worldwide.

Complete findings and a copy of the report can be accessed here.  

“Attack Surface Management (ASM) is all about organizations reducing their exposure to cyber attacks and in particular to ransomware. The number of weaponized vulnerabilities associated with ransomware have quadrupled in 2020 which means organizations need to view vulnerabilities from a ransomware context and patch them continuously.” – Ram Swaroop, President & Co-founder, Cyber Security Works.

Why is this report important for India?

According to recent stats, 89% of Indian IT leaders are concerned about data protection from ransomware and with good reason as there has been a 31% increase in ransomware attack on Indian organizations during COVID-19 pandemic in 2020.  NHAI, Apollo Tyres, India Bulls, P & R Group, Delhi Medical Council have been victims of ransomware in the past year and their data is exposed on the dark web. 

A few of the known high profile data breaches in India that impacted critical infrastructure spam from Pharma to Telecom to Ecommerce to Several Public Sector Entities. Dr. Reddy’s, Big Basket, Airtel, Jawaharlal Nehru Port Trust (JNPT), Juspay exposed sensitive data and personal information onto the dark web.

India's quest to become a knowledge economy and Digital India should enforce stringent cybersecurity laws that mandates organizations to follow data protection regulations which in turn will make it hard for threat actors and state-sponsored APT groups to compromise sensitive data and critical organizations in India and disrupt the economy.

With ransomware moving from operating systems to SaaS products, Indian software industry needs to know the weaknesses that our developers are introducing into the software and adopt a security focused approach while writing code or by using no code to low code libraries as a part of the supply chain to avoid a Solar Winds type of attack.

96% of vulnerabilities found tied to ransomware are old weaknesses which makes cyber hygiene extremely critical for organizations. Juxtaposing this insight with Prime Minister Narendra Modi’s vision for India’s digital transformation makes this report an invaluable tool for Indian organizations and entities.

Complete findings and a copy of the report can be accessed here.  

About CSW

CSW is a cybersecurity company focused on attack surface management as a service (AMAS), Vulnerability Management as a Service (VMAS), and penetration testing as a service (PTAS). 

Our innovation in vulnerability and exploit research led us to discover 45+ zero days in popular products such as Oracle, D-Link, WSO2, Thembay, Zoho, etc., among others. As a CVE Numbering Authority, we want to enable thousands of bug bounty hunters and play a critical role in the global effort of vulnerability management. 

As an acknowledged leader in Vulnerability research and analysis CSW is ahead of the game helping organizations world-wide to secure their business from ever-evolving threats. For more information visit www.cybsercurityworks.com or follow us on LinkedIn and Twitter.

About RiskSense

RiskSense®, Inc. provides vulnerability management and prioritization to measure and control cybersecurity risk. The cloud-based RiskSense platform uses a foundation of risk-based scoring, analytics, and technology-accelerated pen testing to identify critical security weaknesses with corresponding remediation action plans, dramatically improving security and IT team efficiency and effectiveness. For more information, visit www.risksense.com or follow us on LinkedIn and Twitter.

Media Contact:


Secure your environment from cyber-attacks!

Know How