IBM Security: Cybercriminals Took Advantage of Anti-COVID-19 Efforts
Threat actors used the socioeconomic, business and political challenges brought on by the COVID-19 pandemic to profit in 2020, targeting everything in the supply chain, from manufacturing and healthcare, with malware, spoofed brands and ransomware.
That’s according to a new report — the “2021 X-Force Threat Intelligence Index” — from IBM Security, which details how attackers also exploited the adoption by many industry sectors of cloud services during the pandemic.
“In essence, the pandemic reshaped what is considered critical infrastructure today, and attackers took note. Many organizations were pushed to the front lines of response efforts for the first time — whether to support COVID-19 research, uphold vaccine and food supply chains, or produce personal protective equipment,” said Nick Rossmann, global threat intelligence lead for IBM Security X-Force. “Attackers’ victimology shifted as the COVID-19 timeline of events unfolded, indicating yet again, the adaptability, resourcefulness and persistence of cyber adversaries.”
Manufacturing and energy were the most attacked industries in 2020, second only to the finance and insurance sector, according to the report. Media fell under the category of “other” which accounted for 30 percent of all targeted industries.
IBM Security noted a 40 percent increase in Linux-related malware attacks and a 500 percent increase in Go-written malware in the first six months of 2020. Brands offering collaboration tools including Google, Dropbox and Microsoft, or online shopping brands such as Amazon and PayPal, made the top 10 spoofed brands last year, with YouTube and Facebook also high on the list.
Ransomware was the cause of nearly one in four attacks that IBM X-Force responded to in 2020, and with many businesses accelerate their cloud adoption, cloud environments became a prime attack vector for cybercriminals.
“With attackers’ sights set on clouds, X-Force recommends that organizations should consider a zero-trust approach to their security strategy,” the report reads. “Businesses should also make confidential computing a core component of their security infrastructure to help protect their most sensitive data — by encrypting data in use, organizations can help reduce the risk of exploitability from a malicious actor, even if they’re able to access their sensitive environments.”
The report also concluded that the most successful way victim environments were accessed in 2020 was scanning and exploiting for vulnerabilities (35 percent), surpassing phishing (31 percent) for the first time in years.
To access the report, click here.