Vulnerabilities become a survival hazard for enterprises
The X-Force report emphasizes that the number of disclosed vulnerabilities reached a new high in 2021, with vulnerabilities in industrial control systems increasing by 50% year-on-year. Although more than 146,000 vulnerabilities have been disclosed in the past decade, enterprises have only accelerated their digital journey in recent years, driven mainly by the COVID-19 pandemic, which suggests that the challenge of vulnerability management has not yet reached its peak.
Meanwhile, exploiting vulnerabilities is becoming an increasingly popular attack method. X-Force observed a 33% increase in this type of attack since the previous year, and the two most exploited vulnerabilities observed in 2021 were found in widely used enterprise applications (Microsoft Exchange, Apache Log4J Library). The challenge of managing vulnerabilities may continue to intensify as digital infrastructure expands, and businesses may become overwhelmed by audit and maintenance requirements. This highlights the importance of operating on the assumption of compromise and applying a zero trust strategy to help protect their architecture.
Attackers aim at consistent targets in the cloud
In 2021, X-Force observed more attackers shifting their targeting towards containers such as Docker; according to Red Hat’s data, Docker is the primary container runtime engine to date. In the cloud, widely used container services have become a consistent target for attackers, who are doubling down on maximizing their return on investment by using malware that can cross platforms and serve as a springboard between victim infrastructure and other components.
The 2022 report also warned that threat actors continue to invest in unique, previously unobserved Linux malware, with data provided by Intezer showing a 146% increase in Linux ransomware with new code. As attackers steadily pursue ways to scale up their attacks through cloud environments, businesses must focus on expanding visibility into their hybrid infrastructure. A hybrid cloud environment built on interoperability and open standards can help businesses identify blind spots and accelerate and automate their security responses.
The 2022 report also found that:
Asia has become the most severely attacked region – Asia was hit by over a quarter of the attacks IBM observed globally in 2021, and in the past year it experienced more cyber attacks than any other region. In Asia, financial services and manufacturing organizations accounted for nearly 60% of attacks.
First call, long-term phishing – phishing was the most common cause of cyber attacks in 2021. In X-Force Red’s penetration testing, the click-through rate of phishing campaigns doubled when they were combined with phone calls.