In fact, manufacturing and energy were the most attacked industries in 2020, second only to the finance and insurance sector. Contributing to this was attackers taking advantage of the nearly 50% increase in vulnerabilities in industrial control systems (ICS), which manufacturing and energy both strongly depend on.
“In essence, the pandemic reshaped what is considered critical infrastructure today and attackers took note. Many organizations were pushed to the front lines of response efforts for the first time – whether to support Covid-19 research, uphold vaccine and food supply chains, or produce personal protective equipment,” said Nick Rossmann, Global Threat Intelligence Lead, IBM Security X-Force.
“Attackers’ victimology shifted as the Covid-19 timeline of events unfolded, indicating yet again, the adaptability, resourcefulness and persistence of cyber adversaries.”
The X-Force Threat Intelligence Index is based on insights and observations from monitoring over 150 billion security events per day in more than 130 countries.
The 2021 X-Force Threat Intelligence Index has highlighted, in 2020, attackers pivoting their attacks to businesses for which global Covid-19 response efforts heavily relied, such as hospitals, medical and pharmaceutical manufacturers, as well as energy companies powering the Covid-19 supply chain.
According to the report, with a 40% increase in Linux-related malware families in the past year and a 500% increase in Go-written malware in the first six months of 2020, attackers are accelerating a migration to Linux malware, that can more easily run-on various platforms, including cloud environments.
Amid a year of social distancing and remote work, brands offering collaboration tools such as Google, Dropbox and Microsoft, or online shopping brands such as Amazon and PayPal, made the top 10 spoofed brands in 2020. YouTube and Facebook, which consumers relied on more for news digestion last year, also topped the list.
Surprisingly, making an inaugural debut as the seventh most commonly impersonated brand in 2020 was Adidas, likely driven by demand for the Yeezy and Superstar sneaker lines. Ransomware was the cause of nearly one in four attacks that X-Force responded to in 2020, with attacks aggressively evolving to include double extortion tactics.
Using this model, X-Force assesses Sodinokibi – the most commonly observed ransomware group in 2020 – had a very profitable year. X-Force estimates that the group made a conservative estimate of over $123 million in the past year, with approximately two-thirds of its victims paying a ransom, according to the report.