Attacks on Industries Supporting COVID-19 Response Efforts Double
IBM Security released the 2021 X-Force Threat Intelligence Index highlighting how cyberattacks evolved in 2020. Threat actors sought to profit from the unprecedented socioeconomic, business and political challenges brought on by the COVID-19 pandemic. In 2020, X-Force observed attackers pivoting their attacks to businesses for which global COVID-19 response efforts heavily relied, such as hospitals, medical and pharmaceutical manufacturers, as well as energy companies powering the COVID-19 supply chain.
According to the new report, cyberattacks on healthcare, manufacturing, and energy doubled from the year prior, with threat actors targeting organizations that could not afford downtime due to risks of disrupting medical efforts or critical supply chains. In fact, manufacturing and energy were the most attacked industries in 2020, second only to the finance and insurance sector. Contributing to this was attackers taking advantage of the nearly 50% increase in vulnerabilities in industrial control systems (ICS), which manufacturing and energy both strongly depend on.
"In essence, the pandemic reshaped what is considered critical infrastructure today, and attackers took note. Many organizations were pushed to the front lines of response efforts for the first time, whether to support COVID-19 research, uphold vaccine and food supply chains, or produce personal protective equipment," said Nick Rossmann, Global Threat Intelligence Lead, IBM Security X-Force. "Attackers' victimology shifted as the COVID-19 timeline of events unfolded, indicating yet again, the adaptability, resourcefulness and persistence of cyber adversaries."
The X-Force Threat Intelligence Index is based on insights and observations from monitoring over 150 billion security events per day in more than 130 countries. In addition, data is gathered and analyzed from multiple sources within IBM, including IBM Security X-Force Threat Intelligence and Incident Response, X-Force Red, IBM Managed Security Services, and data provided by Quad9 and Intezer, both of which contributed to the 2021 report.
According to the report, in 2020 the world experienced more ransomware attacks compared to 2019, with nearly 60% of ransomware attacks that X-Force responded to using a double extortion strategy whereby attackers encrypted, stole and then threatened to leak data, if the ransom wasn't paid. In fact, in 2020, 36% of the data breaches that X-Force tracked came from ransomware attacks that also involved alleged data theft, suggesting that data breaches and ransomware attacks are beginning to collide.