IBM released an annual study titled X-Force Threat Intelligence Index which reveals how ransomware and cyber-vulnerabilities exploits in 2021. Asia is said to be the region most affected by cyber attacks
Manufacturing is the industry most targeted by cybercriminals. Although phishing was the most common cause of cyberattacks in the past year, IBM Security X-Force observed a 33% increase caused by exploiting software vulnerabilities.
It is the most reliable entry point for ransomware perpetrators during 2021. It is the cause of 44% of ransomware attacks.
As we saw Monday (14/3/2022) X-Force's 2022 report explains how in 2021 ransomware perpetrators seek to crack the backbone of global supply chains with attacks on manufacturing, which is the industry most attacked (23%) in 2021, and managed to get rid of financial services and insurance after so long in the first place.
As many as 47% of cyberattacks against manufacturers are caused by unpatched software vulnerabilities that have not been or cannot be addressed, highlighting the need for organizations to prioritize vulnerability management.
The X-Force Threat Intelligence Index 2022 helps chart new cyberattack trends and patterns by observing and analyzing based on billions of data from network and endpoint detection devices, incident response engagements, phishing kit tracking and more - including data provided by Intezer.
In its report, IBM sees Ransomware gangs never give up. Ransomware persists as the main cyber attack method observed in 2021, with no signs the ransomware group will stop, despite improvements in ransomware removals. According to a 2022 report, the average age of a ransomware group before it was discontinued or renamed was 17 months.
X-Force also revealed that for businesses in Asia, Europe and MEA, unpatched software vulnerabilities account for about 50% of attacks by 2021, highlighting the business's biggest difficulty - patching vulnerabilities.
Cybercriminals set an early footing for attacks by targeting cloud environments, as per a 2022 report that revealed a 146% increase in new Linux ransomware code and a shift to Docker-focused targeting, potentially making it easier for more threat actors to exploit cloud environments for malicious purposes.
Responding to law enforcement moves that accelerate the elimination of cyber vulnerabilities, the ransomware group may activate its disaster recovery plans. X-Force analysis revealed that the average age of the ransomware cluster before it was discontinued or renamed was 17 months.
For example, REvil, which was responsible for 37% of all ransomware attacks in 2021, survived four years through a rebranding, suggesting that it is likely that it could reappear despite being phased out by multi-government operations in mid-2021.
"Cybercriminals generally want money. With ransomware, they are now chasing influence," said Charles Henderson, Head of X-Force. "Businesses need to be aware that ransomware vulnerabilities use vulnerabilities to profit," he said.