TRENDING
Security observed and analyzed from its data – drawing from billions of datapoints ranging from network and endpoint detection devices , incident response engagements , phishing kit tracking and more – including data provided by Intezer .
Some of the top highlights in this year ’ s report include : instead of operating under the assumption that every vulnerability in their environment has been patched , businesses should operate under an assumption of compromise and enhance their vulnerability management with a Zero Trust strategy .”
The ‘ nine lives ’ of ransomware groups
• Ransomware gangs defy takedowns . Ransomware persisted as the top attack method observed in 2021 , with ransomware groups showing no sign of stopping , despite the uptick in ransomware takedowns . According to the 2022 report , the average lifespan of a ransomware group before shutting down or rebranding is 17 months .
• Vulnerabilities expose businesses ’ biggest ‘ vice ’. X-Force reveals that for businesses in Europe , Asia and MEA , unpatched vulnerabilities caused approximately 50 % of attacks in 2021 , exposing businesses ’ biggest struggle – patching vulnerabilities .
• Early warning signs of cyber crisis in the cloud . Cybercriminals are laying the groundwork to target cloud environments , with the 2022 report revealing a 146 % increase in new Linux ransomware code and a shift to Docker-focused targeting , potentially making it easier for more threat actors to leverage cloud environments for malicious purposes .
“ Cybercriminals usually chase the money . Now with ransomware they are chasing leverage ,” said Charles Henderson , Head of IBM X-Force .
“ Businesses should recognize that vulnerabilities are holding them in a deadlock – as ransomware actors use that to their advantage . This is a non-binary challenge . The attack surface is only growing larger , so
Responding to the recent acceleration of ransomware takedowns by law enforcement , ransomware groups may be activating their own Disaster Recovery plans . X-Force ’ s analysis reveals that the average lifespan of a ransomware group before shutting down or rebranding is 17 months .
For example , REvil which was responsible for 37 % of all ransomware attacks in 2021 , persisted for four years through rebranding , suggesting the likelihood it resurfaces again despite its takedown by a multigovernment operation in mid-2021 .
While law enforcement takedowns can slow down ransomware attackers , they are also burdening them with the expenses required to fund their rebranding or rebuild their infrastructure . As the playing field changes , it ’ s important that organizations modernize their infrastructure to place their data in an environment that can help safeguard it – whether that be onpremises or in clouds .
This can help businesses manage , control and protect their workloads and remove threat actors ’ leverage in the event of a compromise by making it harder to access critical data in hybrid cloud environments .
Vulnerabilities become an existential crisis for some
The X-Force report highlights the record high number of vulnerabilities disclosed in 2021 , with vulnerabilities in industrial control systems rising by 50 % year-overyear . Although more than 146,000 vulnerabilities have been disclosed in the past decade , it ’ s only been in recent years that organizations accelerated their digital journey , largely driven by the pandemic , suggesting that the vulnerability management challenge has yet to reach its peak .
At the same time , vulnerability exploitation as an attack method is growing more popular . X-Force observed a 33 % increase since the previous year , with the two most exploited vulnerabilities observed in 2021 found in widely used enterprise applications ( Microsoft Exchange , Apache Log4J Library ).
Enterprises ’ challenge to manage vulnerabilities may continue to exacerbate as digital infrastructures
24 INTELLIGENTCIO APAC www . intelligentcio . com