The year 2020 was without a doubt one of the most consequential and transformational in recent memory: A global pandemic, economic turmoil impacting millions of people’s lives, and social and political unrest. The reverberations from these events affected businesses in profound ways, with many making a major shift to distributed workforces.
In the cyber realm, the extraordinary circumstances in 2020 handed cyber adversaries opportunities to exploit the necessities of communication networks and provided rich targets in supply chains and critical infrastructure. The year ended as it began, with the discovery of a globally consequential threat that required rapid response and remediation. An attack which has largely been attributed to a nation state actor, which leveraged a backdoor in network monitoring software to attack government and private sector organizations, demonstrated how third-party risk should be anticipated, but can’t be predicted.
To help meet the challenges of these times, IBM Security X-Force assesses the cyber threat landscape and assists organizations in understanding the evolving threats, their associated risk, and how to prioritize cybersecurity efforts. In addition to the premium threat intelligence we provide to customers, we analyze the wealth of data we gather to produce the X-Force Threat Intelligence Index, an annual check-in on the threat landscape and how it’s changing.
Among the trends that we tracked, ransomware continued its surge to become the number one threat type, representing 23% of security events X-Force responded to in 2020. Ransomware attackers increased the pressure to extort payment by combining data encryption with threats to leak the data on public sites. The success of these schemes helped just one ransomware gang reap profits of over $123 million in 20201, according to X-Force estimates.
Manufacturing organizations weathered an onslaught of ransomware and other attacks in 2020. The manufacturing industry overall was the second-most targeted, after finance and insurance, having been the eighth-most targeted industry in 2019. X-Force discovered sophisticated attackers using targeted spear phishing campaigns in attacks against manufacturing businesses and NGOs involved in the COVID-19 vaccine supply chain.
Threat actors were also innovating their malware, particularly malware that targeted Linux, the open source code that supports business-critical cloud infrastructure and data storage. Analysis by Intezer discovered 56 new families of Linux malware in 2020, far more than the level of innovation found in other threat types.
There is reason to hope that 2021 will shape up to be a better year. Trends are notoriously hard to predict, but the one constant thing we can rely on is change. Resilience in the face of rising and falling challenges in cybersecurity requires actionable intelligence and a strategic vision for the future of a more open, connected security.
In the spirit of strength through community, IBM Security is pleased to offer the 2021 X-Force Threat Intelligence Index. The findings in this report can help security teams, risk professionals, decision-makers, researchers, the media and others, understand where threats have been in the past year and help prepare for whatever comes next.