The manufacturing industry overtook finance and insurance to become the ‘most attacked’ industry last year, according to research from IBM’s X-Force cybersecurity intelligence division.

An ‘onslaught’ of ransomware and email compromise attacks pushed the manufacturing industry into the top spot for the first time, the research reveals. Nearly a quarter (23%) of all attacks remediated by IBM X-Force in 2021 were directed towards manufacturing companies, up from 18% in 2020.

The criminals behind these attacks may have been looking for weak points through which to conduct supply chain attacks on more valuable, better-defended targets, IBM X-Force suggests in its report. They were “probably seeking to capitalise on the many supplier, sub-supplier, and wholesale shipping relationships manufacturing organisations develop," it says.

Many manufacturers started managing their industrial control systems remotely during the pandemic. But according to US cybersecurity agency CISA, this has put their IT security practices under strain, as it increased the chance of outside interference.

Meanwhile, securing operational technology, such as manufacturing equipment, has become a highly specialised skillset. "Managing cybersecurity risks in an [industrial control systems] environment requires a blend of skills that has become onerous to maintain while facing pandemic-driven changes," CISA warned in December.

Ransomware tops cybersecurity threat list

Ransomware was the dominant form of cybersecurity attack in 2021, IBM X-Force's data reveals. In Europe, it made up more than a quarter of all attacks recorded by the company. And one group was responsible for 38% of ransomware attacks in the region: REvil, best known for last year's attack on JBS, the world's largest meat processor.

“Vulnerability exploitation”, in which attackers use flaws in software to infiltrate systems, was the top infection vector used against European organisations, accounting for 46% of all incidents that X-Force remediated. 

Attackers were “overwhelmingly exploiting unpatched vulnerabilities to infiltrate victim environments in 2021, highlighting the importance of adopting a zero trust approach to security,” says Laurance Dine, global partner of IBM’s X-Force Incident Response team.

He added that organisations should operate “under the assumption of compromise by putting the proper controls in place to defend their environment and protect critical data.”

Cyberattacks go global

Cyberattacks became more globally distributed in 2021, the IBM X-Force report reveals. The proportion of attacks recorded in Latin America and the Middle East and Africa grew to 14% and 13% respectively, while Asia's share overtook Europe and North America to reach 26%. "A flurry of attacks on Japan in particular – potentially related to the Summer Olympic Games held in Japan in 2021 – appear to have contributed to this attack trend," IBM X-Force writes.

The UK was among the most-attacked countries in Europe, the report reveals. “Our research shows attackers are focusing on sectors of critical national importance that possess highly valuable, sensitive data and assets, such as energy, financial services and manufacturing,” says Dine. “These are substantial industries in the UK and being Europe’s second-largest economy, this makes the country an attractive and potentially lucrative target for adversaries.”