Report: Hackers Increasingly Target Zero-Day Vulnerabilities and Supply Chain Networks
Ivanti, a Salt Lake City-based automation platform provider, has released a research study detailing cyberattack targets and 32 new ransomware families.
According to the company’s Ransomware Spotlight Year End Report, there was a total of 157 ransomware families in use during 2021, representing a 26% increase over the previous year.
The report also found that these ransomware groups are continuing to target unpatched vulnerabilities and weaponize zero-day vulnerabilities in record time. In addition, cybercriminals appear to be broadening their attack spheres and finding newer ways to compromise organizational networks and fearlessly trigger high-impact assaults.
Unpatched vulnerabilities remain the most prominent attack vectors exploited by ransomware groups. The analysis uncovered 65 new vulnerabilities tied to ransomware last year, representing a 29% growth compared to the previous year and bringing the total number of vulnerabilities associated with ransomware to 288. Alarmingly, over one-third (37%) of these newly added vulnerabilities were actively trending on the dark web and repeatedly exploited. More than half of the 223 older vulnerabilities identified prior to 2021 continued to be actively exploited by ransomware groups.
According to the report, ransomware groups are increasingly targeting supply chain networks to inflict major damage and cause widespread chaos. A single supply chain compromise can open multiple avenues for threat actors to hijack complete system distributions across hundreds of victim networks. Last year, threat actors compromised supply chain networks via third-party applications, vendor-specific products, and open-source libraries.
In addition, ransomware groups are increasingly sharing their services with others, much like legitimate SaaS offerings. Ransomware-as-a-service is a business model in which ransomware developers offer their services, variants, kits, or code to other malicious actors in return for payment. Exploit-as-a-service solutions allow threat actors to rent zero-day exploits from developers. Dropper-as-a-service allows inexperienced threat actors to distribute malware through programs that, when run, can execute a malicious payload onto a victim’s computer. Trojan-as-a-service, also called malware-as-a-service, enables anyone with an internet connection to obtain and deploy customized malware in the cloud, with zero installation.
Conducted with Cyber Security Works, a Certifying Numbering Authority (CNA), and Cyware, a SOAR provider, the Ransomware Index Spotlight Report is based on data gathered from a variety of sources, including proprietary data from Ivanti and CSW, publicly available threat databases, and threat researchers and penetration testing teams.
Threat actors are increasingly leveraging automated tool kits to exploit vulnerabilities and penetrate deeper into compromised networks. Organizations need to be extra vigilant and promptly patch any vulnerabilities, whether old or new.
Aryaka Launches Accelerate Global Partner Program
Aryaka Networks, a San Mateo, California-based managed SD-WAN and SASE (Secure Access Service Edge) company, has officially rolled out its Accelerate Global Partner Program, which unifies the company’s partner-led go-to-market strategy under a single program for the full range of channel partners with which the company works. This includes VARs, MSPs, distributors, white-label service providers, systems integrators, and IT marketplaces across North America, Europe, Africa, the Middle East, and Asia-Pacific.
As part of the new program, Aryaka has added new channel specialists to its team, including Craig Patterson, channel chief and vice president of sales for the Americas, and Ed Pearce, national channel director for North America. They join Rich Farbman, regional vice president for the Americas, and Lisette Sens, vice president of international channel sales.
Simplified Packaging and Pricing has also been added, as well as co-management options and a network-as-a-service solution. Training, certification, and marketing resources are also being optimized to the expanded program.
“Aryaka has made good on its promises to invest in a partner-led strategy by introducing SD-WAN and SASE solutions that are easy for partners to sell,” said Patterson. “With the launch of the Aryaka Accelerate Global Partner Program, we’re now wrapping that with alignment, enablement, incentives and support resources to drive success for agents, VARs and MSPs worldwide.”
The upgrades are intended to help partners tap into the expanded revenue opportunities around SD-WAN and secure SASE solutions for businesses of all sizes.
Ingram Micro Acquires Keenondots for Cloud Platform Improvement
Ingram Micro announced that its cloud ecosystem platform business, CloudBlue, has acquired Keenondots, a Platform-as-a-Service business, headquartered in the Netherlands, with a customizable cloud automation platform that is offered as a managed service and enables partners to fully automate their service delivery and invoicing processes.
“The addition of Keenondots furthers our commitment to developing new cloud ecosystems to help accelerate our customers’ digital transformation through automation and support of Everything-as-a-Service offerings,” said Tarik Faouzi, senior vice president of CloudBlue at Ingram Micro. “We welcome Keenondots to CloudBlue and look forward to continuing to empower our customers to build, manage and grow their cloud services businesses with greater speed and efficiency.”
“We have a longstanding and successful relationship with CloudBlue and we are excited to join their innovative and dynamic team,” said Coen Korver, CEO of Keenondots. “Joining forces will allow us to play an even stronger role in helping our mutual partners accelerate their path to success in the as-a-service economy.”
The Keenondots team, including CEO Coen Korver and founder and CTO Laurens van Alphen, have joined CloudBlue, Ingram Micro’s multi-tier and multi-channel marketplace for more than 200 products and services.
The acquisition brings new automation capabilities to the CloudBlue platform, with integrations designed to simplify and accelerate customers’ transition to an Everything-as-a-Service business. Keenondots adopted Ingram Micro’s CloudBlue platform in 2010 to help automate its internal ordering, provisioning and invoicing processes, and in 2015, began licensing CloudBlue as the backbone of its Commerce Platform.