industry unlocked
their digital journey , largely driven by the pandemic , suggesting that the vulnerability management challenge has yet to reach its peak .
At the same time , vulnerability exploitation as an attack method is growing more popular . X-Force observed a 33 % increase since the previous year , with the two most exploited vulnerabilities observed in 2021 found in widely used enterprise applications ( Microsoft Exchange , Apache Log4J Library ). Enterprises ’ challenge to manage vulnerabilities may continue to exacerbate as digital infrastructures expand and businesses can grow overwhelmed with audit and upkeep requirements , highlighting the importance of operating on the assumption of compromise and applying a Zero Trust strategy to help protect their architecture .
Attackers target common grounds among clouds
In 2021 , X-Force observed more attackers shifting their targeting to containers like Docker – by far the most dominant container runtime engine according to RedHat . Attackers recognise that containers are common grounds among organisations so they are doubling down on ways to maximise their RoI with malware that can cross platforms and can be used as a jumping off point to other components of their victims ’ infrastructure .
The 2022 report also sounds caution on threat actors ’ continued investment into unique , previously unobserved , Linux malware , with data provided by Intezer revealing a 146 % increase in Linux ransomware that has new code . As attackers remain steady
As attackers remain steady in their pursuit of ways to scale operations through cloud environments , businesses must focus on extending visibility into their hybrid infrastructure . in their pursuit of ways to scale operations through cloud environments , businesses must focus on extending visibility into their hybrid infrastructure . Hybrid cloud environments that are built on interoperability and open standards can help organisations detect blind spots and accelerate and automate security responses .
Additional findings from the 2022 report include :
• Asia leads attacks – Experiencing over one in four attacks that IBM observed globally in 2021 , Asia saw more cyberattacks than any other region in the past year . Financial services and manufacturing organisations together experienced nearly 60 % of attacks in Asia .
• First time caller , long time phisher – Phishing was the most common cause of cyberattacks in 2021 . In X-Force Red ’ s penetration tests , the click rate in its phishing campaigns tripled when combined with phone calls .
The report features data IBM collected globally in 2021 to deliver insightful information about the global threat landscape and inform security professionals about the threats most relevant to their organisations . u
46 www . intelligentciso . com