While phishing was the most common cause of cyberattacks in general in the past year, IBM Security X-Force said that ransomware and vulnerability exploitations "imprisoned" businesses in 2021 further burdening global supply chains, with manufacturing emerging as the most targeted industry.
Ransomware was the top attack type for the third year in a row, comprising 21 per cent of all attacks IBM Security X-Force observed globally.
The 2022 report details how in 2021 ransomware actors attempted to "fracture" the backbone of global supply chains with attacks on manufacturing, which became 2021's most attacked industry (23 per cent), dethroning financial services and insurance after a long reign.
Experiencing more ransomware attacks than any other industry, attackers wagered on the ripple effect that disruption on manufacturing organizations would cause their downstream supply chains to pressure them into paying the ransom. An alarming 47 per cent of attacks on manufacturing were caused due to vulnerabilities that victim organizations had not yet or could not patch, highlighting the need for organisations to prioritize vulnerability management.
The 2022 IBM Security X-Force Threat Intelligence Index maps new trends and attack patterns IBM Security observed and analysed from its data – drawing from billions of datapoints ranging from network and endpoint detection devices, incident response engagements, phishing kit tracking and more.
Ransomware persisted as the top attack method observed in 2021, with ransomware groups showing no sign of stopping, despite the uptick in ransomware takedowns. According to the 2022 report, the average lifespan of a ransomware group before shutting down or rebranding is 17 months.
X-Force reveals that for businesses in Europe, Asia and MEA, unpatched vulnerabilities caused approximately half of attacks in 2021, exposing businesses' biggest struggle– patching vulnerabilities.
The report said that Cybercriminals were laying the groundwork to target cloud environments, with the 2022 report revealing a 146 per cent increase in new Linux ransomware code and a shift to Docker-focused targeting, potentially making it easier for more threat actors to use cloud environments for malicious purposes.