Cybercrime: in Italy manufacturing is the first target of hackers

IBM's X-force threat index data: 47% of attacks against the industry exceeding finance & insurance in the ranking. More than one in four events are ransomware. The weak link? Unpatched vulnerabilities 24 Feb 2022 A. S.

In Italy, more than one cyber attack in four, 27% to be exact, is carried out with the ransomware technique. 47% of these offensives targeted the manufacturing sector (compared to 23.2% on a global scale), which takes the lead among those most targeted, overtaking finance-insurance. In addition, 56% of attacks are carried out thanks to the exploitation of vulnerabilities that have not been patched. These are some of the main pieces of evidence that emerge from IBM Security's annual X-Force Threat Intelligence Index report, which illustrates which attacks were perpetrated in 2021, the main attack vectors and the industries most affected in the field of cybersecurity. While phishing has been the most common cause of cyberattacks in the past year, attacks caused by exploiting outdated software vulnerabilities increased by 33% in 2021, causing 44% of ransomware attacks, according to research. The research also shows that in 2021 hackers attempted through ransomware attacks to enter global supply chains by targeting the manufacturing sector, which has become the most attacked in 2021 (23%), surpassing the financial services and insurance sectors that have been at the summit for several years. "By carrying out ransomware attacks more than in any other sector of industry, the attackers have bet on the knock-on effect that disruption of the activities of manufacturing companies would cause to their downstream supply chains, prompting them to pay the ransom - he explains. IBM Security in a note - An alarming 47% of attacks on the manufacturing sector were caused by vulnerabilities that the victim organizations had not yet corrected, or could not correct, with update patches, highlighting the need to promptly manage software vulnerabilities " . Among the trends that emerged from the study is the fact that ransomware gangs manage to survive the decommissioning efforts by the authorities, with an average duration - before closure or the creation of a new ransomware family - of 17 months. According to the research, cloud environments are also starting to enter the sights of cyber criminals: the study reveals a 146% increase in new Linux ransomware code and a shift of the attack target towards Docker, potentially making it easier for more actors to leverage cloud environments for malicious purposes. “Cybercriminals usually chase money. Now with ransomware they are aiming for what amplifies the results - says Charles Henderson, Head of IBM X-Force - Businesses should understand that vulnerabilities put them in a stalemate - while ransomware actors use them to their advantage. This is not a binary challenge. The attack surface is becoming increasingly vast and it is no longer sufficient to operate with the assumption that every vulnerability in one's environment has been patched: enterprises should operate assuming that they are, sooner or later, victims of an attack and improve the vulnerability management by adopting a Zero Trust strategy ". The report also highlights that a record number of vulnerabilities were disclosed in 2021, with vulnerabilities in Industrial Control Systems increasing by 50% over the previous year. "The challenge of companies in managing vulnerabilities could continue to worsen - reads the press release - with the expansion of digital infrastructures and the increase in compliance requests with respect to audit and maintenance requirements, highlighting the importance of operating always starting from assumption of a possible compromise and apply a Zero Trust strategy to protect their IT architectures ".

first target