X-Force Threat Intelligence Index

Share this post:

Author: Stephen Burmester, Asia Pacific Leader, X-Force Incident Response

Extraordinary circumstances defined 2020, from a global pandemic and economic turmoil to social and political unrest. Against this backdrop, cyber adversaries sought to exploit the necessities of communication networks, target supply chains and critical infrastructure, and reap profits by doubling down on ransomware, data theft and extortion. 

By analysing billions of these data points collected by the IBM Security X-Force team across 2020, the X-Force Threat Intelligence Index has been developed to help you understand this rapidly evolving cyberthreat landscape. Intended for use by security teams, risk professionals and both technology and business leaders, the report sheds light on the most significant threats organisations face to help calibrate security strategies and ensure resource availability to meet these challenges. 

Ransomware is rising

Ransomware was the number one threat type of 2020, making up 23% of all incidents the IBM Security X-Force team responded to. A conservative estimate of the profits from ransomware attacks made by the cyber-adversary Sodinokibi (also known as REvil) alone in 2020 total at least USD 2.1 billion. While two-thirds of victims paid the ransom to protect and release their data, 43% also had their data leaked. 

Operational Technology organisations are key targets

While financial services remained the most-attacked industry, manufacturing became the second-most attacked industry in 2020, rising from eighth in 2019. Energy also rose from ninth to third in 2020. These results indicate a broader trend of attacks on Operational Technology organisations, with a 49% growth in industrial control systems vulnerabilities from 2019 to 2020.   

Healthcare under attack

From last place out of the top ten industries attacked in 2019, healthcare jumped to the seventh most-attacked sector in 2020. A ransomware attack on a German hospital last year sadly resulted in a patient’s death, the first time a cyber-attack has been connected to the loss of human life. Unfortunately, this hospital was not alone, with several others becoming the targets of ransomware attacks last year. 

In mid-2020, the IBM Security X-Force team also uncovered a global phishing campaign that reached more than 100 high-ranking executives of a task force seeking to acquire personal protective equipment (PPE) for front line responders of COVID-19.

Threat actors are evolving their malware, particularly to target Linux, the open-source code that often supports business-critical cloud infrastructure and data storage. The number of new Linux-related malware families discovered in 2020 was 56, its highest level ever and a 40% increase above those discovered in 2019. 

Server attacks saw a significant 233% increase from 2019, becoming the third most common attack type in 2020. 

Increased Linux and server attacks

These findings reveal a cyber threat landscape that is rapidly evolving to target new technologies, key industries, and those in executive roles. Additionally, the cost is worsening for the victims of cyberattacks – from the billions of dollars paid to ransomware attackers to the first-recorded death linked to a cyberattack. 

To learn more about the global cyber threat landscape, and how you can better protect your organisation, download the full report here.