Ransomware and vulnerability exploitations harming businesses, says IBM Security

IBM Security today released its annual X-Force Threat Intelligence Index, unveiling how ransomware and vulnerability exploitations together were able to “imprison” businesses in 2021, further burdening global supply chains, with manufacturing emerging as the most targeted industry globally.

The 2022 report shows that the Middle East and Africa region was the fourth-most attacked region worldwide, while the most attacked countries in the Middle East and Africa were the United Arab Emirates, Saudi Arabia and South Africa.

In the UAE, the report highlights that ransomware was the dominant attack type observed across cyber incidents. The number one cause of attacks on UAE organizations was the exploitation of known and unpatched vulnerabilities, seen in the vast majority of incidents X-Force observed.

The 2022 IBM Security X-Force Threat Intelligence Index maps new trends and attack patterns IBM Security observed and analyzed from its data – drawing from billions of datapoints ranging from network and endpoint detection devices, incident response engagements, phishing kit tracking and more – including data provided by Intezer.

Some of the top highlights in this year’s report include:

Ransomware Gangs Defy Takedowns. Ransomware persisted as the top attack method observed globally in 2021, with ransomware groups showing no sign of stopping, despite the uptick in ransomware takedowns. According to the 2022 report, the average lifespan of a ransomware group before shutting down or rebranding is 17 months.

Ransomware and server access attacks were the top attack types observed in the Middle East and Africa, tying for first place, with each representing 18% of attacks. Misconfiguration followed closely at 14%.

Vulnerabilities Expose Businesses’ Biggest “Vice”. X-Force reveals that 50% of attacks against businesses in the Middle East and Africa were caused by unpatched vulnerabilities, exposing businesses’ biggest struggle: patching vulnerabilities.

Early Warning Signs of Cyber Crisis in the Cloud. Cybercriminals are laying the groundwork to target cloud environments, with the 2022 report revealing a 146% increase in new Linux ransomware code and a shift to Docker-focused targeting, potentially making it easier for more threat actors to leverage cloud environments for malicious purposes.

“Cybercriminals recognized the opportunity to capitalize on the rapid digital adoption in the UAE and took full advantage of unpatched vulnerabilities to successfully infiltrate organizations,” said Wael Abdoush, General Manager, IBM Gulf & Levant and Pakistan. “As cybercriminals became increasingly sophisticated, open hybrid cloud environments can provide an opportunity for businesses to enhance and extend their visibility into suspicious activity on their networks and more quickly respond to cyber threats in their environments.”