The latest report from IBM Security shows that in 2021, the manufacturing industry was the most affected by cyber attacks due to the supply chain problem. […]
Ransomware was the top threat par excellence in 2021. This is also the conclusion reached by IBM’s cybersecurity researchers in their latest report.
The current “X-Force Threat Intelligence Index” also shows that the use of ransomware and the exploitation of security gaps have put companies and their global supply chains at greatest risk in 2021. The manufacturing industry was the most affected sector worldwide with 23 percent of all attacks. It has replaced the financial services and insurance industry as the absolute leader in this regard.
According to the X-Force report, the reason why the manufacturing industry has now taken the lead is as follows: Attackers relied on the domino effect that disruptions at manufacturing companies would have on their downstream supply chains to force them to pay the ransom.
The manufacturing industry is the hardest hit and has overtaken financial service providers (c) IBM
Unpatched software as a gateway
An alarming 47 percent of attacks on manufacturing companies targeted IT vulnerabilities that the affected companies had not yet fixed or could not fix. This makes it clear that companies must give priority to vulnerability management.
Overall, the X-Force team observed a 33 percent increase in attacks that exploited vulnerabilities in unpatched software. This gateway was used by 44 percent of all ransomware attacks worldwide in 2021 to carry out their attacks – more than any other attack method. In Europe, even 46 percent of all ransomware attacks used this way to penetrate companies.
Robust Hacker Groups
And the latest report from IBM X-Force shows something else: hacker groups that specialize in ransomware attacks are particularly resilient and defy so-called tackdowns by the authorities. According to the report, the average lifespan of a ransomware group is no less than 17 months until it is switched off or repositioned.
The REvil group, for example, which was responsible for 37 percent of all ransomware attacks in 2021, even existed for four years and constantly repositioned itself. That suggests the likelihood of her reappearing, even though she was taken out by an international police operation in mid-2021.
Hacker groups often change their name and remain active for another few months (c) IBM
Fears of a cyber crisis in the cloud
After all, the report warns of a real cyber crisis in the cloud. According to the X-Force specialists, cybercriminals are increasingly preparing to attack cloud environments. It is observed that attackers are increasingly targeting containers such as Docker – by far the dominant container runtime environment, according to RedHat. Hackers have realized that containers are now widely used in companies, it is said as a justification. Therefore, they were increasingly looking for ways to maximize their ROI with malware that was cross-platform and could be used as a springboard to other components of their victims’ infrastructure.
Last but not least, the report also warns that attackers continue to invest in new, previously unobserved Linux malware. The data provided by Intezer shows a 146 percent increase in Linux ransomware with new code.
The complete IBM Security X-Force Threat Intelligence Index 2022 can be found here.