Cybercriminals have invested their efforts into breaking supply chains over the past year, with the manufacturing sector now becoming a top target.
According to IBM’s annual X-Force Threat Intelligence Index, based on security incidents and threat data gathered over 2021, businesses are now being “imprisoned” by the active exploitation of vulnerabilities and the deployment of ransomware.
The tech giant’s researchers say that phishing remains the most common attack vector for cyberattacks but there has also been a 33% increase in the use of vulnerabilities against unpatched systems. In total, vulnerability exploits are considered to be responsible for 44% of the reported, known ransomware attacks included in the report.
Supply chain attacks can have severe ramifications: central service providers may be compromised to deploy poisoned software updates to their customer bases, ransomware may be executed to cause as much disruption to vendors as possible, ramping up the pressure to pay, or attacks may be triggered to deliberately wreak havoc in the real world, such as taking down utilities or core services in a target country.
CrowdStrike’s latest threat report says that ransomware attacks leading to data leaks increased from 1,474 in 2020 to 2,686 in 2021 and the most impacted sectors were