Ransomware is a severe and growing threat to businesses of all sizes. Our new research showed that double-extortion ransomware attacks increased by 29.9% over the past quarter, making Q1 2023 the most prolific quarter we have ever observed for that type of attack.
This alarming rise highlights the urgent need for organizations to have robust cybersecurity measures that will detect and prevent ransomware attacks. These attacks can inflict severe financial and reputational repercussions.
In this blog, we offer: approaches for managing ransomware threats, an overview of key vulnerabilities exploited for ransomware use in Q1 2023, and ways ReliaQuest can help security teams better detect and defend ransomware threats.
Ransomware operators exploit a wide array of new and older vulnerabilities in their attacks. Identifying and patching commonly exploited flaws can be crucial in preventing or minimizing the impact of cyber attacks. Three important vulnerabilities were exploited over the past quarter, leading to widespread ransomware attacks:
GoAnywhere zero-day (CVE-2023-0669) – The “Clop” ransomware gang exploited this flaw to claim an alleged 130-plus victims globally. Unlike typical attacks by Clop, the group did not encrypt files in this campaign, but simply exfiltrated data. Fewer than 2,000 devices were believed to be vulnerable; meaning Clop’s attacks were likely very calculated and effective. To mitigate this vulnerability, GoAnywhere MFT users should upgrade to version 7.1.2. ESXiArgs vulnerability (CVE-2021-21974) – In February 2023, a large ransomware campaign exploited this vulnerability in VMware ESXi servers, to encrypt an
Read more