Get help with JNDI vulnerability CVE-2021-42392! Get CSW's Detection Script

Ransomware

Through the lens of Threat and Vulnerability Management

Spotlight Report

Ransomware Q3 Index update clocks a 4.5% increase in the number of vulnerabilities tied to ransomware. It also brings metrics about the number of ransomware families, trending vulnerabilities, APT groups, and the weaknesses that are enabling attackers to exploit vulnerabilities in applications.

Our index update will help organizations gain an insight into the top vulnerabilities that could render them susceptible to ransomware. It will also help them to prioritize and patch critical vulnerabilities.

Key Insights Blogs Media Coverage Webinar Podcasts FAQ Get a Ransomware Assessment

latest-tag ransomwarebookthree

Ransomware Index Update Q3 2021

Ransomware Index Update for Q3 provides the latest ransomware trends, and the new groups, vulnerabilities and weaknesses tied to ransomware. Understand what vulnerabilities offer the greatest threat and stay protected.

ransomwarebookthree

Ransomware Index Update Q2 2021

Ransomware index update for Q2 looks at new vulnerabilities tied to ransomware, new exploits, APT Groups, and Ransomware families. Build resilience to defend your ecosystem from crippling ransomware attacks.

ransomwarebookthree

Ransomware Index Update Q1 2021

Ransomware index update for Q1 2021 brings new vulnerabilities, exploits, APT Groups and Ransomware families that have become active in the first quarter of 2021. Get updated insights about this evolving threat and know your exposure to it.

flag-callout

Ransomware Spotlight Report 2021

Comprehensive insights into vulnerabilities that enable ransomware, APT Groups, and Ransomware families. Keep your finger on the pulse of the rapidly evolving ransomware landscape and understand the consequences of potential exposure.

Key Insights

6 CVEs have become associated with Ransomware in Q2, 2021
7 new APT groups have become associated with Ransomware in Q2, 2021
6 new Ransomware Families have been identified in Q2, 2021
15% increase in RCE/PE vulnerabilities tied to ransomware in Q2, 2021

Want to stay secure from Ransomware threats?

Ransomware Exposure Assessment

CSW’s Ransomware Exposure Assessment leverages our extensive experience in threat hunting and research on emerging & evolving ransomware. The Assessment helps identify vulnerabilities that are often targeted by threat actors to mount a ransomware attack on your organization. Our assessment will identify the risk of an attack, proactively improve defensive posture by closing vulnerable gaps and help secure sensitive data. Our experts will also recommend best security practices and reinforce cyber hygiene within your organization.

Blogs

20 Percent of CVEs Listed in CISA’s Latest Directive have Ransomware Associations
#CyberSecurity
20 Percent of CVEs Listed in CISA’s Latest Directive have Ransomware Associations
15th November, 2021 | Surojoy Gupta
Windows PetitPotam & ProxyShell Vulnerabilities Chained in Attack
#CyberSecurity
Windows PetitPotam & ProxyShell Vulnerabilities Chained in Attack
15th September, 2021 | Surojoy Gupta
Ragnar Locker Ransomware hits Customer Care Giant TTEC
#CyberSecurity
Ragnar Locker Ransomware hits Customer Care Giant TTEC
21st October, 2021 | Surojoy Gupta
Darkside Ransomware: Further Threat Associations Unearthed
#CyberSecurity
Darkside Ransomware: Further Threat Associations Unearthed
30 July, 2021 | Priya Ravindran
Kaseya VSA Downed by REvil in Monumental Supply-Chain Attack
#CyberSecurity
Kaseya VSA Downed by REvil in Monumental Supply-Chain Attack
12th, July 2021 | Surojoy, Priya
REvil Brings Down JBS - the World’s Largest Meat Packer
#CyberSecurity
REvil Brings Down JBS - the World’s Largest Meat Packer
16th June, 2021 | Priya Ravindran
All About Qlocker
#CyberSecurity
All About Qlocker
11th June, 2021 | Priya Ravindran
FiveHands Ransomware Analysis: Can a Risk-Based Approach Help Prevent Future Attacks?
#CyberSecurity
FiveHands Ransomware Analysis: Can a Risk-Based Approach Help Prevent Future Attacks?
4th Jun, 2021 | Priya Ravindran
Darkside: The Ransomware that brought a US pipeline to a halt
#CyberSecurity
Darkside: The Ransomware that brought a US pipeline to a halt
18th May, 2021 | Sumeetha
All about Ryuk
#CyberSecurity
All about Ryuk
16th Apr, 2021 | Sumeetha

Media Coverage

The Vulnerabilities that Open the Door to Ransomware
#Ransomware
The Vulnerabilities that Open the Door to Ransomware
15th June, 2021 | CISO Mag
Ransomware attacks rose by 31% amid pandemic: Report
#Ransomware
Ransomware attacks rose by 31% amid pandemic: Report
12th Feb 2021 | The New Indian Express
Software-as-a-service applications emerge as new target for ransomware, report reveals
#Ransomware
Software-as-a-service applications emerge as new target for ransomware, report reveals
13th Feb 2021 | The Hindu
RiskSense Ransomware Spotlight Report Reveals Surge in Weaponized Vulnerabilities, New Targets and Ransomware-as-a-Service
#Ransomware
RiskSense Ransomware Spotlight Report Reveals Surge in Weaponized Vulnerabilities, New Targets and Ransomware-as-a-Service
11th Feb 2021 | Yahoo Finance
Researchers identify 223 vulnerabilities used in recent ransomware attacks
#Ransomware
Researchers identify 223 vulnerabilities used in recent ransomware attacks
11th Feb 2021 | SC Media
Ransomware attacks rise in 2020, SaaS apps are the new target: Report
#Ransomware
Ransomware attacks rise in 2020, SaaS apps are the new target: Report
28th Feb 2021 | Hindustan Times Tech
Ransomware Everywhere: Dire State Of Cybersecurity In 2021
#Ransomware
Ransomware Everywhere: Dire State Of Cybersecurity In 2021
26th May, 2021 | Analytics India Magazine
Ransomware Vulnerabilities That Could Bring Down Your Organization
#Ransomware
Ransomware Vulnerabilities That Could Bring Down Your Organization
6th Sept, 2021 | CISO Mag

Webinar on Ransomware Spotlight Report 2021

Podcasts

Most Surprising Insight from Ransomware Report 2021
Part 1
Trends that are spotlighted in Ransomware Report 2021
Part 2
Recommendations to proactively neutralize ransomware threats
Part 3

Frequently Asked Questions

Expand all

1. What is a Ransomware attack?

  • Ransomware is a malicious software that encrypts and restricts user’s access to data. Typically in a ransomware attack, an organization’s data is held hostage. To retrieve the data and prevent attackers from misusing it, the victim will have to pay the ransom. If victims refuse to pay, the attackers would then publish the data in public domains or sell it on the dark web.

2. What is Ransomware as a Service (RaaS)?

  • Ransomware as a Service (RaaS) is a malicious business model followed by ransomware developers. They sell ransomware kits to attackers. These kits are used to launch attacks on organizations that offer critical services. Each ransomware kit is an attack in a box and comes with step-by-step instructions on how to launch an attack successfully.
  • RaaS caters to attackers who do not have deep technical knowledge by offering them easy-to-use attack kits. With ransomware payments increasing with every payout (e.g., CNA Financial paid $40 million), attackers are looking at RaaS as an easy way to become rich.
  • Most RaaS offerings are subscription-based and provide their affiliates with ransomware tools. When the attack is successfully executed and after the ransom is paid, ransomware developers get a percentage of the payout. In addition to a user manual, a typical RaaS kit provides its customers with 24/7 support, user reviews, access to help forums, and ratings that would be available in any legitimate SaaS service offering.

3. What are the different types of RaaS models seen today?

  • There are many types of RaaS models in existence today, such as:
    • Monthly subscriptions for repeat offenders
    • An affiliate model, where 20–30% of the ransom is paid to the ransomware developer/operator
    • One-time license fee
    • Profit-sharing

4. How to protect an organization from ransomware?

  • Organizations need to adopt a risk-based approach towards remediating vulnerabilities. Elevating cyber hygiene, adopting continuous risk-based vulnerability management, and active threat context for ransomware will proactively defend organizations against vulnerabilities exploited by ransomware. This approach will help security teams to prioritize vulnerabilities associated with ransomware and ensure that patches are implemented to reduce the lag. For more information about combating ransomware, download our report and updates to stay informed.

Want to know more about Ransomware Exposure Assessment?