Based on the data points of one global firm’s cybersecurity team, half of the cyberattacks were due to unpatched vulnerabilities.
In a report on the 2021 cyber threat landscape, one cybersecurity firm’s client eco-system showed how ransomware and vulnerability exploitation together were able to ‘imprison’ businesses, add burdens to global supply chains, and result in manufacturing as the most targeted industry.
Drawing from billions of data points originating from the firm’s network and endpoint detection devices and incidence response engagements, the report highlighted some of the key global threat landscape trends of the year.
Key top findings of the firm’s client eco system in 20201 included:
- Asia was the most attacked region, experiencing over one in four attacks observed by the firm’s threat intelligence and incidence response teams globally
- The average lifespan of ransomware groups was 17 months
- Early warning signs of a cyber crisis in the cloud were brewing: a 146% increase in new Linux ransomware code and a shift to Docker-focused targeting, potentially laid the ground work for more threat actors to leverage cloud environments for malicious purposes
- Voice phishing (vishing) tripled phishing click rates
- For the ecosystem’s business clients in Europe, Asia and MEA, unpatched vulnerabilities caused approximately 50% of attacks in 2021, exposing their biggest struggle–patching vulnerabilities.
- The manufacturing and financial services sectors (banking, insurance) felt the brunt of cyberattacks. In Asia, financial services in the ecosystem remained the top industry being targeted given the lucrativeness of a successful breach.
- Phishing was the most common way that attackers took to gain an initial foothold into a victim’s environment and was observed in 43% of the incidents. In the same ecosystem, there is a notable increase in bank customers being targeted by phishing scams via SMS with relatively larger sums of customers’ monies being siphoned away through such phishing attacks.
- Regulators in some countries had coordinated industry-wide measures in response to such scams to ensure that digital banking remains secure, efficient and trusted.
- Vulnerability exploitation was another critical infection vector seen in 43% of the incidents observed. Critical vulnerabilities in third-party software and libraries that were widely used in commercial and open source products had resulted in widespread exploitation.
IBM, the firm that commissioned the X-Force division’s report, believed that public-private partnerships are needed to facilitate a list of critical projects to help organizations prioritize and allocate resources for the most essential security assessments and improvements.
Said Charles Henderson, Head, IBM X-Force: “The attack surface is only growing larger, so instead of operating under the assumption that every vulnerability in their environment has been patched, businesses should operate under an assumption of compromise, and enhance their vulnerability management with a zero trust strategy.”