Wednesday, April 21, 2021
News
NEWS HOME
»
PRN INDIA
IBM Security Report: Attacks on Industries Supporting COVID-19 Response Efforts Double
  SocialTwist Tell-a-Friend  
   

Ransomware Group Banks Millions; Cloudy Forecast Amid 40% Rise in Open-Source Malware in 2020; Social Distancing "Must Have" Tools Dominate Top Spoofed Brands

CAMBRIDGE, Massachusetts, Feb. 24, 2021 /PRNewswire/ -- IBM (NYSE:  IBM)  Security today released the 2021 X-Force Threat Intelligence Index  highlighting how cyberattacks evolved in 2020 as threat actors sought to profit from the unprecedented socioeconomic, business and political challenges brought on by the COVID-19 pandemic. In 2020, IBM Security X-Force observed attackers pivoting their attacks to businesses for which global COVID-19 response efforts heavily relied, such as hospitals, medical and pharmaceutical manufacturers, as well as energy companies powering the COVID-19 supply chain.

IBM Corporation logo.

According to the new report, cyberattacks on healthcare, manufacturing, and energy doubled from the year prior, with threat actors targeting organizations that could not afford downtime due to risks of disrupting medical efforts or critical supply chains. In fact, manufacturing and energy were the most attacked industries in 2020, second only to the finance and insurance sector. Contributing to this was attackers taking advantage of the nearly 50% increase in vulnerabilities in industrial control systems (ICS), which manufacturing and energy both strongly depend on.

"In essence, the pandemic reshaped what is considered critical infrastructure today, and attackers took note. Many organizations were pushed to the front lines of response efforts for the first time – whether to support COVID-19 research, uphold vaccine and food supply chains, or produce personal protective equipment," said Nick Rossmann, Global Threat Intelligence Lead, IBM Security X-Force. "Attackers' victimology shifted as the COVID-19 timeline of events unfolded, indicating yet again, the adaptability, resourcefulness and persistence of cyber adversaries."

The X-Force Threat Intelligence Index  is based on insights and observations from monitoring over 150 billion security events per day in more than 130 countries. In addition, data is gathered and analyzed from multiple sources within IBM, including IBM Security X-Force Threat Intelligence and Incident Response, X-Force Red, IBM Managed Security Services, and data provided by Quad9  and Intezer, both of which contributed to the 2021 report.

Some of the report's key highlights include:

  • Cybercriminals Accelerate Use of Linux Malware – With a 40% increase in Linux-related malware families in the past year, according to Intezer, and a 500% increase in Go-written malware in the first six months of 2020, attackers are accelerating a migration to Linux malware, that can more easily run on various platforms, including cloud environments.
  • Pandemic Drives Top Spoofed Brands – Amid a year of social distancing and remote work, brands offering collaboration tools such as Google, Dropbox and Microsoft, or online shopping brands such as Amazon and PayPal, made the top 10 spoofed brands in 2020. YouTube and Facebook, which consumers relied on more for news digestion last year, also topped the list. Surprisingly, making an inaugural debut as the seventh most commonly impersonated brand in 2020 was Adidas, likely driven by demand for the Yeezy and Superstar sneaker lines.
  • Ransomware Groups Cash In On Profitable Business Model – Ransomware was the cause of nearly one in four attacks that X-Force responded to in 2020, with attacks aggressively evolving to include double extortion tactics. Using this model, X-Force assesses Sodinokibi – the most commonly observed ransomware group in 2020 – had a very profitable year. X-Force estimates that the group made a conservative estimate of over $123 million in the past year, with approximately two-thirds of its victims paying a ransom, according to the report.

Investment in Open-Source Malware Threatens Cloud Environments
Amid the COVID-19 pandemic, many businesses sought to accelerate their cloud adoption. "In fact, a recent Gartner survey  found that almost 70% of organizations using cloud services today plan to increase their cloud spending in the wake of the disruption caused by COVID-19." 1 But with Linux currently powering  90% of cloud workloads and the X-Force report detailing a 500% increase in Linux-related malware families in the past decade, cloud environments can become a prime attack vector for threat actors.

With the rise in open-source malware, IBM assesses that attackers may be looking for ways to improve their profit margins – possibly reducing costs, increasing effectiveness and creating opportunities to scale more profitable attacks. The report highlights various threat groups such as APT28, APT29 and Carbanak turning to open-source malware, indicating that this trend will be an accelerator for more cloud attacks in the coming year.

The report also suggests that attackers are exploiting the expandable processing power that cloud environments provide, passing along heavy cloud usage charges on victim organizations, as Intezer observed more than 13% new, previously unobserved code in Linux cryptomining malware in 2020.

With attackers' sights set on clouds, X-Force recommends that organizations should consider a zero-trust approach  to their security strategy. Businesses should also make confidential computing a core component of their security infrastructure to help protect their most sensitive data – by encrypting data in use, organizations can help reduce the risk of exploitability from a malicious actor, even if they're able to access their sensitive environments.

Cybercriminals Disguised as Celebrity Brand
The 2021 report highlights that cybercriminals opted to disguise themselves most often as brands that consumers trust. Considered one of the most influential brands in the world, Adidas appeared attractive to cybercriminals attempting to exploit consumer demand to drive those looking for coveted sneakers to malicious websites designed to look like legitimate sites. Once a user visited these legitimate-looking domains, cybercriminals would either seek to carry out online payment scams, steal users' financial information, harvest user credentials, or infect victims' devices with malware.

The report indicates that the majority of Adidas spoofing is associated with the Yeezy and Superstar sneaker lines. The Yeezy line alone reportedly  pulled in $1.3 billion in 2019 and was one of the top selling sneakers for the sportswear manufacturing giant. It's likely that, with the hype for the next sneaker release in early 2020, attackers leveraged the demand of the money-making brand to make their own profit.

Ransomware Dominates 2020 as Most Common Attack
According to the report, in 2020 the world experienced more ransomware attacks compared to 2019, with nearly 60% of ransomware attacks that X-Force responded to using a double extortion strategy whereby attackers encrypted, stole and then threatened to leak data, if the ransom wasn't paid. In fact, in 2020, 36% of the data breaches that X-Force tracked came from ransomware attacks that also involved alleged data theft, suggesting that data breaches and ransomware attacks are beginning to collide.

The most active ransomware group reported in 2020 was Sodinokibi (also known as REvil), accounting for 22% of all ransomware incidents that X-Force observed. X-Force estimates that Sodinokibi stole approximately 21.6 terabytes of data from its victims, that nearly two-thirds of Sodinokibi victims paid ransom, and approximately 43% had their data leaked – which X-Force estimates resulted in the group making over $123 million in the past year.

Like Sodinokibi, the report found that the most successful ransomware groups in 2020 were focused on also stealing and leaking data, as well as creating ransomware-as-a-service cartels and outsourcing key aspects of their operations to cybercriminals that specialize in different aspects of an attack. In response to these more aggressive ransomware attacks, X-Force recommends  that organizations limit access to sensitive data and protect highly privileged accounts with  privileged access management (PAM)  and identity and access management (IAM).

Additional key findings in the report include:

  • Vulnerabilities Surpass Phishing as Most Common Infection Vector – The 2021 report reveals that the most successful way victim environments were accessed last year was scanning and exploiting for vulnerabilities (35%), surpassing phishing (31%) for the first time in years.
  • Europe Felt the Brunt of 2020 Attacks – Accounting for 31% of attacks X-Force responded to in 2020, per the report, Europe experienced more attacks than any other region, with ransomware rising as the top culprit. In addition, Europe saw more insider threat attacks than any other region, seeing twice as many such attacks as North America and Asia combined.

The report features data IBM collected in 2020 to deliver insightful information about the global threat landscape and inform security professionals about the threats most relevant to their organizations.  To download a copy of the X-Force Threat Intelligence Index 2021, please visit: https://www.ibm.biz/threatindex2021    

About IBM Security
IBM Security offers one of the most advanced and integrated portfolios of enterprise security products and services. The portfolio, supported by world-renowned IBM Security X-Force research, enables organizations to effectively manage risk and defend against emerging threats. IBM operates one of the world's broadest security research, development and delivery organizations, monitors 150 billion+ security events per day in more than 130 countries, and has been granted more than 10,000 security patents worldwide. For more information, please check  www.ibm.com/security, follow  @IBMSecurity  on Twitter or visit the  IBM Security Intelligence  blog.

Press Contact
Georgia Prassinos
IBM Security Media Relations
gprassinos@ibm.com

____________________

1 Gartner Press Release, Gartner Forecasts Worldwide Public Cloud End-User Spending to Grow 18% in 2021,  17 November 2020

Logo - https://mma.prnewswire.com/media/95470/ibm_logo.jpg

More News by PR Newswire India

Damm and Ball launch world's first Aluminium Stewardship Initiative certified beverage cans

LimaCorporate And HSS Partner To Open First Provider-based Design And 3D Printing Center For Complex Joint Reconstruction Surgery

WhiteHat Jr.'s search for Tech Leaders steered by Purple Quarter

Ampersand Group successfully concludes digital intervention, development across Nashik Anganwadis

Siply Launches Affordable Gold Savings Scheme with High Returns for the Masses

Glenmark Pharmaceuticals receives ANDA approval for Chlorpromazine Hydrochloride Tablets USP, 10 mg, 25 mg, 50 mg, 100 mg, and 200 mg: Granted competitive generic therapy (CGT) designation and is eligible for 180 days of CGT exclusivity

Aavishkaar Group dedicates its Group Impact Report 2020 to 55 Million women leaders in its ecosystem

Feedback plc: International expansion with appointment of two industry specialists in India

LexisNexis Risk Solutions Study Reveals Financial Crime Compliance Costs Across Asia-Pacific Region Increased 20.6% Year Over Year

Eight Manga Artists' Works Exhibited at Kansai Airport Starting March 20

Asia Pacific banks are ready to take advantage of truly digital cores - delivering competitive advantages beyond cost

Citizenship by Investment Funded Real Estate Developments Will Bolster Dominica's Tourism Offering

Adults with obesity treated with semaglutide 2.4 mg achieved and maintained a significant amount of weight loss in a 68-week trial

Cleaner, Clearer Pool and Spa Water

Gastops celebrates 3,500th engine sensor delivery for F-35 Lightning II

Amazfit T-Rex Pro: A Tough Military-grade Smartwatch with Endurance to Match Your Own and up to 18 Days' Battery Life[1]

Rugged Military-Grade Smartwatch is the Ultimate Partner for Challenging Military-Grade Obstacle Course, Amazfit Partners with Spartan

Meitra Hospital Redefines its Brand Identity

Second Star-studded Hank's Home Game Sees Jokes, Jibes and Showdowns in the Name of Charity at PokerStars.net

Goa Introduces Olectra Electric Buses in its fleet

Haier's Healthy Air Conditioners Rank Number One in Three Prestigious Euromonitor International Categories

AeC Lauded by Frost & Sullivan for Employing a Mix of Technology and Human Expertise to further strengthen its position in the Brazilian Customer Experience Outsourcing Market

Pharmactive Earns Acclaim from Frost & Sullivan for Helping People Improve their Cognitive Functions with its Saffron-based Ingredient, Affron®

HPE Lauded by Frost & Sullivan for Lowering the Risk of 5G Deployments

Uptake Recognized by Frost & Sullivan for Its Predictive Modeling Solutions for Medium-to-heavy-duty Vehicles

Brands are Redefining the Customer Experience by Adopting a Digital-first Approach

IIIT Hyderabad Announces M.Tech Program in Product Design and Management

U.S. Polo Assn. to Sponsor the Annual Lexus International Gay Polo Tournament Celebrating the Gay Polo League

Eagle Eye and Neptune Retail Solutions Enable a Better Digital Coupon Experience for Southeastern Grocers' Shoppers

Sinopec Signs Long-term Liquefied Natural Gas Deal of 2 Million Tons per Annum with Qatar Petroleum

Byogy Commissions Sustainable Low Carbon Jet Fuel Plant in Japan Advancing 'Alcohol to Jet' to Zero Carbon

Xinhua Silk Road: Changsha Economic and Technological Development Zone in C. China's Hunan unveils multiple measures to attract talents worldwide

AWE 2021: Haier Smart Home Brings Revolutionary Living Experience Empowered by its Smart Home Solution

New Research Reveals Top Investment Migration Program Options for HNWIs Seeking Health Security

V-Marc India Limited Initial Public Offering of Equity Shares opening on Thursday, March 25, 2021

Digital-First Tylko Raises €22 Million in Series C as Part of Its Commitment to Set New Standards in the Furniture Industry

Life Cycle Analysis of Corbion's AlgaPrime™ DHA Validates Lower Carbon Footprint Compared to Traditional Sources of Fish Oil

Logiq Partners with Comviva to Offer Digital Wallet and Payment Services to Millions of Mobile Users Across Indonesia

Diluent or Immuno-Reagent solutions for your diagnostic testing kits (Covid, Flu, etc.)

oneZero releases Algorithmic Pricing Module to give institutional clients even greater control

World Class Cocktail Festival: 2021 Homecoming

On World Water Day 2021, Sensus unveils exclusive whitepaper - 'Smart Cities need Smart Water'

Hexaware Technologies is Great Place to Work - certified

Ghodawat Consumer Earns a Prestigious Award; Bags 'India's Most Admirable Brand' Recognition

Glenmark Pharmaceuticals receives ANDA approval for Diltiazem Hydrochloride Extended-Release Capsules USP, 60 mg, 90 mg, and 120 mg: Granted competitive generic therapy (CGT) designation and is eligible for 180 days of CGT exclusivity

UST Provides Online Retail Platform Solution for UNIQLO India to Launch 'Shop From Home' Service

IAS Launches First Industry-Wide Digital Ad Verification Training Program

Bruce Lee's lost passion project 'The Silent Flute' to be produced by entrepreneur Jason Kothari

WZCC announces an exciting webinar with Mr. Piruz Khambatta, Chairman of Rasna, Hon. Consul General South Korea, Director GNFC, Chairman Rasna Foundation and Founder Trustee Areez Khambatta Benevolent Trust

HarperCollins is delighted to announce: Everything the Light Touches by Janice Pariat, publishing from Fourth Estate in October 2022

Crypto Liquidity Platform Black Ocean Opens Customer Whitelist

PathogenDx Applauded by Frost & Sullivan for Its Ultra-rapid COVID-19 Testing Platform, DetectX-Rv Test

Global Semiconductor Materials Market Sets New High of $55.3 Billion With 5% Expansion in 2020, SEMI Reports

Catalyst Welcomes Accenture CEO Julie Sweet As New Board Chair

Frost & Sullivan Opens Nominations for Itron Excellence in Resourcefulness Awards

Squirrels Boosts AirPlay, Miracast and Google Cast With All-New Reflector 4

Stockholm International Water Institute: Freshwater Thought Leader Sandra Postel awarded 2021 Stockholm Water Prize

Astral Foundation helps Hiwali get its first water pipeline after independence

Sirtex Medical announces new SIR-Spheres® DOORwaY-90 Study: The first prospective multicenter U.S.-based trial for registration as first-line treatment for hepatocellular carcinoma

Frost & Sullivan Experts Analyze Regional Tactics for Water and Sanitation for All by 2030

NEC Earns Acclaim from Frost & Sullivan for Adopting a Vector-based Approach to High-performance Computing with its SX-Aurora TSUBASA

Voyager Labs Partners with Microsoft to Provide AI SaaS Investigation Platforms to Empower Public Safety

Global Energy Prize 2021 - record number of participating countries

RedHill Biopharma Announces Compassionate Use Treatment with Opaganib of first COVID-19 Patients in Switzerland

Summer Gold Coin Offer begins on KhelPlay Rummy

Planet Water Foundation Brings Life-Changing Access to Clean Drinking Water to Communities Across 5 Countries as Part of World Water Day Activation

RDIF and Virchow Biotech partner for production of Sputnik V vaccine in India

Sonata Software to tap the Customer Experience (CX) Market to fuel growth

Mana Projects Celebrating 21 Years of Real Estate Excellence

Avaya Acclaimed by Frost & Sullivan for Seizing Growth Opportunities with its Robust Portfolio of Intelligent Contact Center Solutions

Glenmark and Bausch Health join together to commercialize RYALTRIS ™ nasal spray in Canada

AVEVA and OSIsoft Combine to Unlock the Potential of Data to Drive Increased Performance for Industrial Organizations

Xinhua Silk Road: Nanjing Jiangbei New Area invites global partners to jointly promote dev. of life and health industry

Zalando Launches Spring Campaign to Laud Society's Champions & Celebrate Their Values

Hexaware Technologies Announces a Work Integrated Learning Program for Freshers

Empuls by Xoxoday integrates with Slack

India's Top Student Volunteers Felicitated At The 11th Annual Pramerica Spirit of Community Awards

Rajshri Entertainment to Make Its Wellness Content Available on Gaana as Podcasts

Plintron powers a unique educational initiative by SmartCentric

IBM Launches Fourth Annual Call for Code Global Challenge to Tackle Existential Threat of Climate Change

Product Analytics is the Number One Measurement of Digital Success, New Report By Harvard Business Review Analytic Services Sponsored by Amplitude Shows

SVKM's NMIMS Invites Applications for Post-Graduate Pharmacy Programs

PrettyLittleThing Turns Burj Khalifa Pink

Doctors Hospital Takes Action to Preserve Fair Competition After the Cayman Government Grants a Series of Financial Concessions

Maybelline New York Announces Storm Reid As Global Spokesmodel

The Craft Irish Whiskey Co. Sets the Record for the World's Most Expensive Whiskey Collection in Partnership With Fabergé

ZS PRIZE, a healthcare innovation programme, selects top 8 teams for jury evaluation and final winner announcement in April 2021

SUN Mobility and Zyngo partner to offer seamless last-mile delivery

India Nightlife Convention & Awards (INCA) concludes its 5th Edition in Goa

OKExChain welcomes Cosmostation validator node operator among six other partners to its rapidly expanding ecosystem

Voltas introduces the new 2021 range of Voltas Fresh Air Coolers; launches 'Ab Garmi Ke Mazey Lo, Bina Garmi Ke' campaign

Aster MIMS Calicut Offers Free Liver Transplant Surgeries to Children

'The Apprentice: ONE Championship Edition' to Premiere in India tomorrow, March 20th on Republic TV

APML issues pre-alert and guidelines to save innocent citizens from fake websites and fraudsters in packing and moving segment

GC to Increase Vinythai Shares through Delisting Tender Offer, Strengthening Downstream Chemicals Business, and Expanding Its Business in CLMV Market

Flexible workspaces to lease 3 million square feet of space in 2021: Colliers

RateGain Ranks in Deloitte Technology Fast50 For The Fifth Time

First Advantage launches Vendor Screening Solution

NMIMS Hyderabad Invites Applications for Common Entrance Tests - NMIMS- NPAT, NMIMS-CET and NMIMS-LAT - for Commerce, Pharmacy, & Law Programs

IAS Extends its Leadership in Brand Safety and Ad Fraud Protection with TAG Recertification

CITIC Networks Becomes Big Data Exchange (BDx) Connectivity Partner in Nanjing Data Center

ApiJect Systems, Corp., Announces Appointment of Global Branding Leader, Craig Cohon as Chief Strategy Officer

Encore® Launches Hybrid+, Setting A Global Standard For Hybrid Meeting & Event Experiences

New Report Discusses IT/OT Convergence for Telcos

SDI Adds Acteev Protect™ Masks to Portfolio of PPE As-a-Service(SM)

The 129th Canton Fair Prepares for a Virtual Return from April 15-24, 2021

Hitachi launches new range of Room Air Conditioners for the new-age consumers: 'One for everyone'

Five Business Strategies to Ensure Environment Safety and Leverage eWaste Management

Huawei Recognized as a 2021 Gartner Peer Insights Customers' Choice for WAN Edge Infrastructure

"Charm of Jiangsu" celebrated the 2021 Chinese New Year with overseas fans online

GameAnalytics Joins Huawei Ecosystem as the Latest Platform Partner

Frost & Sullivan's India Manufacturing Excellence Awards 2021 to Honor Future-Ready Factories

Adani Green Energy raises USD 1.35 billion in one of Asia's largest project financing deals

Reliance Securities named as India's 10 most promising share trading platforms of 2020

QuerySurge is Now Available in the Microsoft Azure Marketplace

XCMG Celebrates International Day of Happiness, Champions Employee Wellbeing with its Upgraded Total Health Program

ZestMoney Ranked Second Fastest Growing Technology Company in Deloitte Technology Fast 50 India 2020

Firescore Interactive to launch the hyper-casual gaming hub 'CrazyHubs India' in partnership with CrazyLabs

Technical clothing requirements for armed forces likely to be included in negative import list; keen to procure indigenised techno textiles: General Bipin Rawat

Frost & Sullivan Identifies the Top 5 Growth Opportunities in the Next-Generation Connected Car Industry

Trimble Announces Release of Tekla 2021 Structural BIM Software Solutions

Nespresso invests CHF 117 million in the expansion of its Avenches production center to meet growing consumer demand

FDI - Dental disaster: One year after first lockdowns dentists around the world confront the consequences of the COVID-19 pandemic on people's oral health: higher incidence of tooth decay and more advanced gum disease

Aeijaz Sodawala, CEO eZee Technosys gives an industry insider view-point on the Google Free Booking Link Program

Skootr Launches Skootr FinSave, A New Company To Meet Growing Demand For Financial Services In The Office Segment

LYRA last-mile connectivity solution for rural India

 
 
TRENDING TOPICS
 
 
CITY NEWS
MORE CITIES
 
 
INDIA WORLD ASIA
Delhi Police sets up green corridor for ...
Construction of water filtration plant u...
Pointsman, who saved child at a railway ...
19 juveniles escape from isolation ward ...
Re-polling held in 4 polling stations in...
Karnataka should not shy away from lockd...
More...    
 
 Top Stories
BrandSpot365 makes meeting media ma... 
European Super League to reshape pr... 
'Lupin' tops Netflix's viewership c... 
Not just a digital-first but also a... 
Pregnant women can maintain healthy... 
Paytm Payments Bank expands lead as... 
Sleep quality of older adults can b... 
Kejriwal to meet LG over COVID situ...