Threat actors involved in multiple ransomware (opens in new tab) Attacks on targets in Ukraine, Poland and other countries in the days and weeks leading up to Russia’s invasion of Ukraine, new research shows.
According to Ivanti and Cyware, this was a strategy that used ransomware as a precursor to physical warfare.
The company’s report notes that we can expect this strategy to be used much more to play out conflicts in the future and is currently even evolving in a “cyberwar” conflict between Iran and Albania (opens in new tab).
The joint research efforts have also revealed some alarming trends related to ransomware.
According to the report, ransomware has increased nearly fivefold (466%) since 2019 Play, Deadbolt, H0lyGh0st, Lorenz, Maui, and NamPoHyu.
There are also now at least 35 ransomware-related vulnerabilities, along with 159 active trending exploits. However, without a concrete threat context, patching systems and mitigating vulnerabilities is a lot harder than you might think.
Threat actors rely on 101 CVEs for their phishing attacks, although it is by no means their only attack vector. The report identified 323 current ransomware vulnerabilities, resulting in 57 endpoint hijacking methods.
For Srinivas Mukkamala, Chief Product Officer at Ivanti, now is the time to take a risk-based approach to vulnerability management.
“This includes leveraging automation technologies that can correlate data from multiple sources (such as network scanners, internal and external vulnerability databases, and penetration testing), measure risk, provide early warning of arming, predict attacks, and prioritize remediation,” he said.
“Organizations that continue to rely on traditional vulnerability management practices, such as B. Exclusive use of the NVD and other public databases to prioritize and patch vulnerabilities will remain at high risk of cyberattacks.”
https://www.techradar.com/news/ransomware-is-being-used-as-a-precursor-to-physical-war Ransomware is being used as a precursor to physical war