Industrial companies and manufacturing have been most frequently targeted by cyberattacks during 2021 amid the deepening crisis in global supply chains. This is stated in the annual report 2022 X-Force Threat Intelligence Index by IBM Security, which was received by the editors of Izvestia on Wednesday, February 23.
The IBM Security division investigated billions of information security events from January to December of last year.
According to the results of 2021, companies from the industrial sector became the main target of attacks – 23%, displacing the financial services and insurance sectors from their dominant positions. The number of attacks on industrial enterprises increased, the attackers expected to create a “domino effect” that would lead to disruption of the lower links of the supply chains and force organizations to pay a ransom to fraudsters, the report says.
It is noted that 47% of attacks on industrial enterprises were caused by vulnerabilities that the victim companies have not yet managed or could not fix. This indicates the need to consider vulnerability management as a priority.
It is noted that after the attack of the ransomware virus on the American food company JBS in May, by the end of 2021, the price of ground beef in the United States increased by 10%. The price of gas increased by the same 10% after the attack on the Colonial Pipeline.
In 2021, phishing has become the most popular form of cyberattack. During security testing, X-Force Red experts found that phone calls (vishing) significantly increase the effectiveness of phishing.
Among the most spoofed brands in the past year are those owned by global technology and media companies such as Microsoft, Apple, CNN and Facebook.
In addition, X-Force found that attackers are increasingly shifting their attack vector towards popular cloud environments such as Docker, the most common container runtime, according to Red Hat. According to the report, the share of new code for attacks on Linux increased by 146%, the attack vector shifted towards Docker. This can make it easier to use cloud environments for malicious activities.
Asia leads in the number of attacks: in In 2021, more than 25% of the attacks detected by IBM were committed against countries in this region. The object of 60% of the attacks there were financial institutions and industrial enterprises.
Izvestia reported on February 17 that the Ministry of Digital Transformation had launched an industry cybersecurity center that would have to protect government information systems from hacker attacks. It has a wide range of functions – in addition to the protection itself, the center will also deal with attribution – searching for the initiators of attacks and establishing their involvement in certain groups of hackers. Such investigations are unusual for industry security centers, experts noted.
Source: IZ
Jane Stock is a technology author, who has written for 24 Hours World. She writes about the latest in technology news and trends, and is always on the lookout for new and innovative ways to improve his audience’s experience.
