According to the annual X-Force Threat Intelligence Index Of IBM, based on data from the 2021 attacks, cybercriminals spent a lot of time last year disrupting supply chains, mostly targeting the manufacturing sector. In fact, such attacks are particularly dangerous for wreaking havoc and increasing the pressure to pay a ransomware ransom.
According to the researchers, phishing remains the preferred tool for this kind of operations, so much so that it has recorded a 33% increase compared to the exploitation of vulnerabilities on outdated systems. Even second CrowdStrikeas reported by colleagues from ZDNet, ransomware attacks have had a marked increase, going from 1,474 in 2020 to 2,686 in 2021, mainly affecting the technological, engineering, production and industrial sectors. IBM stated that “the attackers gambled on the knock-on effect that disruption of manufacturing organizations would cause to their downstream supply chains to push them to pay the ransom“.
Charles Hendersonhead of IBM X-Force, said:
The attack surface is growing, so instead of operating under the assumption that every vulnerability in their environment has been resolved, organizations should operate under a compromise assumption and improve their vulnerability management with a zero-trust strategy.
In addition to phishing and exploiting known bugs, hackers have also employed Modbus Operational Technology (OT) SCADA devices for reconnaissance, which is also on the rise. Another element that emerges from IBM’s report concerns cloud environments, with a 146% increase in new Linux-based ransomware to hit Docker, among others.