Ransomware burdens global supply chains by attacking their manufacturing

Wednesday 23 February 2022 10:45 CET | News

IBM Security has released its annual X-Force Threat Intelligence Index unveiling how ransomware and vulnerability exploitation together were able to burden global supply chains.

The 2022 report details how in 2021 ransomware actors attempted to ‘fracture’ the backbone of global supply chains with attacks on manufacturing, which became 2021’s most attacked industry (23%), dethroning financial services and insurance.

47% of attacks on manufacturing were caused due to vulnerabilities that victim organisations had not yet or could not patch, highlighting the need for organisations to prioritise vulnerability management.

Besides, ransomware persisted as the top attack method observed in 2021, with ransomware groups showing no sign of stopping, despite the uptick in ransomware takedowns. According to the 2022 report, the average lifespan of a ransomware group before shutting down or rebranding is 17 months.

Cybercriminals are laying the groundwork to target cloud environments, with the 2022 report revealing a 146% increase in new Linux ransomware code and a shift to Docker-focused targeting.

The X-Force report highlights the record high number of vulnerabilities disclosed in 2021, with vulnerabilities in Industrial Control Systems rising by 50% year-over-year. At the same time, vulnerability exploitation as an attack method is growing more popular. X-Force observed a 33% increase since 2021, with the two most exploited vulnerabilities observed in 2021 found in widely used enterprise applications.

The report features data IBM collected globally in 2021 to deliver information about the global threat landscape and inform security professionals about the threats most relevant to their organisations. 

Free Headlines in your E-mail

Every day we send out a free e-mail with the most important headlines of the last 24 hours.

Subscribe now

Keywords: cybersecurity, report, ransomware, supply chain finance, cybercrime
Categories: Fraud & Financial Crime
Countries: World
This article is part of category

Fraud & Financial Crime

Industry Events