The wave of cybercrime afflicting hospitals and other businesses in the wake of the Coronavirus pandemic last year is expected to expand to other industries this year, according to a recent computer industry report.
The warning was issued by the 2021 X-Force Threat Intelligence Index published at the end of February by IBM Security. It details how last year’s threat actors who have sought to profit from unprecedented socioeconomic, business and political challenges brought on by Covid 19.
Last year, cyberattacks on the healthcare, manufacturing, and energy sectors doubled from 2019, with threat actors targeting organizations that could not afford downtime due to risks of disrupting medical efforts or critical supply chains.
In fact, manufacturing and energy were the most attacked industries in 2020, second only to finance and insurance. Attackers took advantage of the nearly 50% increase in vulnerabilities in industrial control systems, which manufacturing and energy operations both strongly depend on.
IBM also said the most successful way victim environments were accessed last year was scanning and exploiting for vulnerabilities (35%), surpassing phishing (31%) for the first time in years.
Nearly 60% of ransomware attacks that the IBM X-Force responded to used a double extortion strategy where attackers encrypted, stole and then threatened to leak data, if the ransom wasn’t paid.
“In essence, the pandemic reshaped what is considered critical infrastructure today, and attackers took note. Many organizations were pushed to the front lines of response efforts for the first time – whether to support COVID-19 research, uphold vaccine and food supply chains, or produce personal protective equipment,” said Nick Rossmann, IBM’s Global Threat Intelligence lead.