https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Tech Services Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
    • Diversity, Equity & Inclusion
  • MSP 501
    • Back
    • MSP 501 Information Center
    • 2021 MSP 501 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2022 Editorial Calendar
  • Awards
    • Back
    • 2021 MSP 501
    • Circle of Excellence
    • DE&I 101
    • Top Gun 51
    • Channel Partners 101 (CP 101)
  • Events
    • Back
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Tech Services Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
    • Diversity, Equity & Inclusion
  • MSP 501
    • Back
    • MSP 501 Information Center
    • 2021 MSP 501 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2022 Editorial Calendar
  • Awards
    • Back
    • 2021 MSP 501
    • Circle of Excellence
    • DE&I 101
    • Top Gun 51
    • Channel Partners 101 (CP 101)
  • Events
    • Back
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Agents
  • Cloud Service Providers
  • Channel Partners Events
 Channel Futures

Channel Research


Shutterstock

Stacked reports with clips on them.

IBM Report: Cybercriminals Most Heavily Targeted Manufacturing in 2021

  • Written by Edward Gately
  • February 23, 2022
Manufacturing dethroned financial service and insurance as the most attacked industry.

A new IBM report shows manufacturing was the most targeted industry for cyberattacks in 2021.

The annual IBM X-Force Threat Intelligence Index report unveils how ransomware and vulnerability exploitations together were able to “imprison” businesses in 2021, further burdening global supply chains.

While phishing was the most common cause of cyberattacks in general in the past year, IBM Security X-Force saw a 33% increase in attacks caused by vulnerability exploitation of unpatched software. Ransomware actors relied more on vulnerability exploitation than any other entry point to carry out their attacks in 2021. That accounted for 44% of ransomware attacks.

Manufacturing dethroned financial services and insurance as the most attacked industry. Ransomware actors attempted to “fracture” the backbone of global supply chains with attacks on manufacturing.

Forty-seven percent of attacks on manufacturing were due to vulnerabilities that victim organizations had not yet or could not patch, according to the IBM report. This highlights the need for organizations to prioritize vulnerability management.

What Makes Manufacturing a Lucrative Target

Charles DeBeck is senior cyber threat intelligence analyst with IBM Security X-Force.

IBM's Charles DeBeck

IBM’s Charles DeBeck

“The increased pressure on supply chains made manufacturing a particularly potent industry from a criminal perspective, as the high uptime requirements for operations, meaning that every second operations are disrupted cost them money, makes the potential for payout even greater,” he said. “Criminals always want to target organizations that need to pay. And these circumstances made manufacturing a particularly juicy target in 2021.”

It’s clear these attacks are having an impact on the bottom line, DeBeck said. That’s because following a ransomware attack many manufacturing businesses are increasing prices either in an attempt to recover losses/cyber cost or as a result of supply shortages. And those costs are being passed on to consumers. For example, by the end of 2021, ground beef prices rose 10% following the JBS ransomware attack.

“With no shortage of payouts, ransomware continues to be a lucrative business,” he said. “There are just over $692 million in 2021 ransomware payments — nearly double the amount Chainanalysis initially identified in 2020, according to its data as of January 2022. And even though we’re seeing heightened government focus and takedowns of ransomware gangs, they are simply rebranding or rebuilding by dipping into the ransom funds they’ve amassed.”

Key IBM Report Findings

Other key highlights from the IBM report include:

  • Ransomware persisted as the top attack method observed in 2021. Ransomware groups showed no sign of stopping, despite the uptick in ransomware takedowns. The average lifespan of a ransomware group before shutting down or rebranding is 17 months.
  • For businesses in Europe, Asia and MEA, unpatched vulnerabilities caused about 50% of attacks in 2021.
  • Cybercriminals are laying the groundwork to target cloud environments. The IBM report revealed a 146% increase in new Linux ransomware code and a shift to Docker-focused targeting. That could make it easier for more threat actors to leverage cloud environments for malicious purposes.

Among regions, Asia saw more cyberattacks than any other in the past year. Financial services and manufacturing organizations together experienced nearly 60% of attacks in Asia.

DeBeck did say the report highlights some positive developments.

“The use of stolen or compromised credentials was the third most common initial infection vector attackers relied on to infiltrate victim environments, at 9%,” he said. “The use of this method continues to drop year over year, from 29% in 2019 to 18% in 2020 and now 9% in 2021. It’s possible this downward trend is associated to the rise of multifactor authentication (MFA), and identity and access management (IAM) tools in recent years, which the pandemic has accelerated.”

Additionally, law enforcement takedowns of ransomware gangs is making it more expensive for them to operate, DeBeck said.

Want to contact the author directly about this story? Have ideas for a follow-up article? Email Edward Gately or connect with him on LinkedIn.
Tags: Cloud Service Providers MSPs Channel Research Cloud EMEA Security Strategy Vertical Markets

Most Recent


  • 6 Takeaways from the Ingram Micro Executive Panel
    “Ingram's role is to be the enabler of an ecosystem,” one panelist said.
  • threat report provides information about cyber threats
    A Sneak Peek at the 2022 BrightCloud Threat Report
    The 2022 threat report shows soaring ransomware payments, consistent infections, deceptive URLs and more.
  • New Solutions
    Google Cloud Security Summit: New Solutions for Zero Trust, Software Supply Chain, More
    The new solutions will help partners help their customers more quickly and easily adopt Google Cloud’s security capabilities.
  • Veeam CEO Anand Eswaran at VeeamON 2022
    Veeam's New CEO Wants 'Outsized' Data Protection Software Market Share
    Veeam CEO Anand Eswaran shares ambitious goal at VeeamON conference, where he also shared alarming ransomware trends.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Power Systems
    Are Power Systems the Weak Link in Your Cybersecurity Strategy?
  • Chess king, leader
    IBM, Cisco, Trend Micro Among Leaders in Growing Threat Intelligence Market
  • Russia hacker
    The Gately Report: Barracuda MSP Cybersecurity Update, Russian Cyber Threats, Cloudflare M&A
  • Distribution
    The Role of Distributors Is Disrupting the Channel Industry

Upcoming Events

View all

Channel Partners Europe

June 14, 2022 - June 15, 2022

MSP Summit

September 13, 2022 - September 16, 2022

Galleries

View all

6 Takeaways from the Ingram Micro Executive Panel

May 17, 2022

Google Cloud Security Summit: New Solutions for Zero Trust, Software Supply Chain, More

May 17, 2022

Unprecedented Times Impacting Cybersecurity Channel Partners

May 16, 2022

Industry Perspectives

View all

A Sneak Peek at the 2022 BrightCloud Threat Report

May 17, 2022

Build Customers for Life with CX and Lifecycle Selling

May 16, 2022

Voice Analytics Are a Must-Have as Companies Evolve COVID-Rushed Tech

May 12, 2022

Webinars

View all

Simplifying SaaS Security for MSPs

April 27, 2022

How to Supercharge The Network to Support Your IT Superhero Moves

May 3, 2022

The 2022 MSP Challenge: Scale Service Delivery Despite the Talent Gap

April 21, 2022

White Papers

View all

The New Bottom Line: How MSPs Can Meet the Healthcare Crisis While Evolving Their Businesses

April 19, 2022

How to build a Security Operations Center (on a budget)

April 4, 2022

The AT&T Cybersecurity Incident Response Toolkit

April 4, 2022

Channel Futures TV

View all

AT&T, Microsoft, Cisco, ThreatLocker on Unlocking Partner Potential

Agents Share ‘Secrets,’ Industry Opportunity

May 11, 2022

Vonage Addresses Potential Partner Opportunity via Acquisition by Ericsson

May 5, 2022

Lumen Technologies ‘Built for Growth and Scale’

May 4, 2022

Twitter

ChannelFutures

“@IngramMicroInc's role is to be the enabler of an ecosystem,” @SahooSanj said at the company's cloud summit.… twitter.com/i/web/status/1…

May 18, 2022
ChannelFutures

Take a sneak peak at BrightCloud's 2022 Threat Report. #Channel Partners #CyberThreats @Webroot… twitter.com/i/web/status/1…

May 18, 2022
ChannelFutures

#GoogleCloudSummit unveils new solutions for #zerotrust, supply chain security. @googlecloud dlvr.it/SQZ2By https://t.co/37buEDQ030

May 18, 2022
ChannelFutures

.@Veeam CEO @anandeswaran is gunning for outsized share of data protection market at #veeamOn2022… twitter.com/i/web/status/1…

May 18, 2022
ChannelFutures

#ChannelEurope keynote with @contextworld addresses partners staying calm amid market volatility.… twitter.com/i/web/status/1…

May 17, 2022
ChannelFutures

Read about how the partnership between @AryakaNetworks and @AppSmartcom is a milestone for both companies.… twitter.com/i/web/status/1…

May 17, 2022
ChannelFutures

.@pathlock secures $200 million in new funding, announces M&A to increase capabilities. #appsecurity… twitter.com/i/web/status/1…

May 17, 2022
ChannelFutures

Mark your calendar for our upcoming #VirtualWorkshop! On May 26th at 2 p.m. EDT, this session will show you the pow… twitter.com/i/web/status/1…

May 17, 2022

MSSP Insider

Business advice for MSSPs and news from the broader security channel.

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Galleries

Educational slide shows and images from live events.

Media Kit And Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Events
  • Telecoms.com
  • MSP 501
  • Black Hat
  • IoT World Today
  • Omdia

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2022 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X