Through the annual study of the X-Force Threat Intelligence Index 2022, IBM revealed that manufacturing is the industry most targeted by cybercriminals, especially in the Asian region.
While phishing is still the most common cause of cyberattacks in the past year, IBM Security X-Force found a 33% increase in cyberattacks caused by exploiting software vulnerabilities that are the most reliable entry point for ransomware perpetrators in 2021. It is the cause of 44% of ransomware attacks.
Charles Henderson, Head of X-Force, said that in 2021 ransomware actors are trying to ‘crack’ the backbone of global supply chains with attacks on manufacturing, which was the industry most attacked (23%) in 2021, and managed to get rid of attacks on financial services. And insurance after so long is in the first rank.
“Cybercriminals recognize that the disruption inflicted on manufacturing organizations will cause downstream supply chains to pressure organizations to pay ransoms,” Charles said.
“47 percent of cyberattacks against manufacturers are caused by unpatched software vulnerabilities that have not been or cannot be addressed, so this highlights the need for organizations to prioritize vulnerability management,” he continued.
It’s interesting to note that in this report, ransomware remains the primary cyberattack method observed in 2021, with no signs that ransomware groups will stop relying on this attack pattern, despite improvements in ransomware removals.
“According to reports, the average age of the ransomware cluster before it was discontinued or renamed was 17 months. X-Force revealed that for businesses in Asia, Europe, and MEA, unpatched software vulnerabilities account for about 50% of attacks by 2021, which shows the business’s greatest difficulty is patching vulnerabilities,” he said.
Cybercriminals generally want money through ransomware attacks. Business people now need to realize that their cybersecurity unpreparedness is a significant threat.
“The reach of attacks is growing wider and wider, so instead of operating on the assumption that every vulnerability in their environment has been patched, businesses should operate with the assumption that the intrusion is always there and improve their vulnerability management with a Zero-Trust strategy.”
Leave a Reply