Manufacturing overtakes financial services as the most attacked industry

A new report from IBM Security released early Wednesday says manufacturing is feeling the brunt of cyberattacks as supply chain issues continue to grow.

The finding was revealed in IBM Security’s annual X-Force Threat Intelligence Index that unveiled how ransomware and vulnerability exploitations together could “imprison” businesses in the previous year. Manufacturing emerged in 2021 as the most targeted industry, further burdening global supply chains.

In the year, IBM Security X-Force observed a 33% increase in attacks caused by vulnerability exploitation of unpatched software. Exploiting vulnerabilities topped the attack vector that ransomware gangs relied on more than any other to carry out their attacks, representing the cause of 44% of all ransomware attacks.

The report claims that ransomware actors attempted to “fracture” the backbone of global supply chains with attacks on manufacturing, which became 2021’s most attacked industry, accounting for 23% of all attacks, dethroning financial services and insurance after a long reign. Some 47% of attacks on manufacturing were caused by vulnerabilities that victim organizations had not yet patched, or couldn’t, highlighting the need for organizations to prioritize vulnerability management.

Other findings in the report included ransomware gangs defying takedowns. Ransomware persisted as the top attack method observed in 2021, with ransomware gangs showing no sign of stopping, despite the uptick in takedowns by authorities. The ongoing ubiquity of ransomware attacks comes despite the average lifespan of a ransomware gang before shutting down or rebranding now standing at 17 months.

The report also highlights the risk of what is described as a “cyber crisis of the cloud.” Claiming that there are early warning signs, it is said cybercriminals are laying the groundwork to target cloud environments, with the report revealing a 146% increase in new Linux ransomware code and a shift to Docker-focused targeting. This shift could make it easier for more threat actors to leverage cloud environments for malicious purposes.

“Cybercriminals usually chase the money. Now with ransomware, they are chasing leverage,” Charles Henderson, head of IBM X-Force, said in a statement. “Businesses should recognize that vulnerabilities are holding them in a deadlock – as ransomware actors use that to their advantage. The attack surface is only growing larger, so instead of operating under the assumption that every vulnerability in their environment has been patched, businesses should operate under an assumption of compromise and enhance their vulnerability management with a zero-trust strategy.”

Image: IBM Security