Software-as-a-service (SaaS) applications have emerged as a new target for ransomware, and had the highest count of vulnerabilities that were seen trending with active exploits.
Ransomware targeting 12 SaaS products with 47 vulnerabilities. We also found that 19 of these Common Vulnerabilities and Exposures (CVEs) are trending between 2018 and 2020,” pointed out a study report ‘Ransomware Through the Lens of Threat and Vulnerability Management’ by Chennai-based Cyber Security Works (CSW), an official CVE Numbering Authority (CNA), along with RiskSense, a company that provides risk-based vulnerability management.
The report shows that products with maximum vulnerabilities would be Apple’s iCloud, Microsoft Outlook 365, HP’s Application Lifecycle management, Oracle’s Fusion Middleware, Adobe’s Adobe Air, IBM’s Lotus Domino, and Notes.
With the usage of SaaS products increasing, we predict that threat actors will seek out vulnerabilities inherent in these applications and weaponise them systematically.
Vulnerabilities associated with ransomware quadrupled from 57 in 2019 to 223 in 2020. The number of weaponised vulnerabilities associated with ransomware have quadrupled in 2020 which means organisations need to view vulnerabilities from a ransomware context and patch them continuously,.
CSW, which operates out of the IIT Madras Research Park, said the study is important because 89% of Indian IT leaders are concerned about data protection from ransomware. This, with good reason, as there has been a 31% increase in ransomware attacks on Indian organisations during the COVID-19 pandemic in 2020.
NHAI, Apollo Tyres, India Bulls, P & R Group and Delhi Medical Council have been victims of ransomware in the past year and their data is exposed on the dark web.
A few of the known high profile data breaches in India that impacted critical infrastructure are from sectors including telecom, e-commerce and public sector entities. Dr. Reddy’s, Big Basket, Airtel, Jawaharlal Nehru Port Trust (JNPT), Juspay exposed sensitive data and personal information onto the dark web.