CAMBRIDGE, Mass. — A new report shows that no industry is more targeted by cyber attackers than manufacturing.
The 2022 “X-Force Threat Intelligence Index” by IBM Security reveals how ransomware and vulnerability exploitation were able to “imprison” businesses last year, especially manufacturers, and burden global supply chains, IBM said last month.
Overall, phishing was the most common cause of cyber attacks.
The report is intended to deliver insights about the global threat landscape and inform cybersecurity professionals about the threats most relevant to their organizations.
The X-Force Threat Intelligence Index maps new trends and attack patterns that IBM Security observed and analyzed from its data, drawing on billions of data points from network and endpoint detection devices, incident response engagements, phishing kit tracking and other sources, including data provided by Intezer.
Ransomware actors attempted to “fracture” the backbone of global supply chains with the most attacks on manufacturing (23%), which unseats financial services and insurance for the top spot.
Cyber attackers “wagered on the ripple effect” of disrupting manufacturers, expecting their supply chains to “pressure them into paying the ransom.”
The report indicates that 47% of cyber attacks on manufacturers were caused by software vulnerabilities that weren’t patched, highlighting the need for organizations to “prioritize vulnerability management.”
Across industries, there was a 33% increase in cyber attacks caused by the exploitation of unpatched software. Ransomware actors relied on this point of entry the most: it was the cause of 44% of ransomware attacks.
Other key findings in the “X-Force Threat Intelligence Index”:
- Ransomware gangs defy takedowns: Ransomware groups show “no sign of stopping,” despite the uptick in ransomware takedowns. The average lifespan of a ransomware group before shutting down or rebranding is 17 months.
- Targeting the cloud: Cybercriminals are “laying the groundwork to target cloud environments,” with a 146% increase in new Linux ransomware code and a shift to Docker-focused targeting.
- Unpatched software is the biggest vulnerability: For businesses in EMEA and Asia, unpatched vulnerabilities caused about 50% of cyber attacks.
- Record vulnerabilities: Vulnerabilities in industrial control systems rose by 50% year over year.
- Asia is top regional target: Asia saw more attacks than any other region, experiencing over one in four attacks. Financial services and manufacturing organizations together experienced nearly 60% of attacks in Asia.
- Phishing and calls: In X-Force Red’s penetration tests, the click rate in its phishing campaigns “tripled when combined with phone calls.”
“Cybercriminals usually chase the money. Now with ransomware they are chasing leverage,” said Charles Henderson, head of IBM X-Force.
“Businesses should recognize that vulnerabilities are holding them in a deadlock, as ransomware actors use that to their advantage. This is a non-binary challenge. The attack surface is only growing larger, so instead of operating under the assumption that every vulnerability in their environment has been patched, businesses should operate under an assumption of compromise and enhance their vulnerability management with a zero-trust strategy.”
For more findings, see the 2022 IBM Security “X-Force Threat Intelligence Index.”