Cyberattacks on healthcare, manufacturing and energy firms doubled in 2020, as hackers launched a wave of attacks on critical infrastructure during the pandemic according to a new report from IBM.

Analysis of data from IBM security systems globally found that manufacturing and energy were the second most targeted industries after finance and insurance last year, with attackers taking advantage of the nearly 50 per cent increase in vulnerabilities in industrial control systems (ICS), which manufacturing and energy both strongly depend on.

Cybercriminals also shifted their tactics with a 40 per cent acceleration of use of Linux-related malware attacks which can run easily on various platforms, including cloud environments.

When it comes to imitation or spoofing attacks, with the arrival of social distancing and remote work brands offering collaboration tools such as Google, Dropbox and Microsoft, or online shopping brands such as Amazon and PayPal, made the top 10 spoofed brands in 2020.

Meanwhile celebrity brand campaigns such as Kanye West’s Yeezy line made Adidas the seventh most commonly impersonated brand in 2020.

The 2021 report reveals that the most successful way victim environments were accessed last year was scanning and exploiting for vulnerabilities (35 per cent), surpassing phishing (31 per cent) for the first time in years.

The hackers also stepped up their use of ransomware attacks, with nearly one in four attacks based on this model and more aggressive double extortion tactics whereby attackers encrypted, stole and then threatened to leak data, if the ransom wasn’t paid.

In 2020, 36 per cent of the data breaches that X-Force tracked came from ransomware attacks that also involved alleged data theft, suggesting that data breaches and ransomware attacks are beginning to collide.

With the rise in open-source malware, IBM predicted that attackers may be looking for ways to improve their profit margins – possibly reducing costs, increasing effectiveness and creating opportunities to scale more profitable attacks.

The report highlights various threat groups such as APT28, APT29 and Carbanak turning to open-source malware, indicating that this trend will be an accelerator for more cloud attacks in the coming year.

Nick Rossmann, global threat intelligence lead, at IBM Security X-Force said: “In essence, the pandemic reshaped what is considered critical infrastructure today, and attackers took note. Many organizations were pushed to the front lines of response efforts for the first time – whether to support COVID-19 research, uphold vaccine and food supply chains, or produce personal protective equipment.”

“Attackers’ victimology shifted as the COVID-19 timeline of events unfolded, indicating yet again, the adaptability, resourcefulness and persistence of cyber adversaries.”

Share Story: