The businesses that I have encountered that are still reluctant to purchase cyber liability insurance typically will explain that aside for budgetary reasons, they don’t think they are a prime target and/or believe the risk is minimal. IBM Security X-Force recently published its research on current cyber criminal activity and some of the data may be surprising and may provide motivation to those still hesitant to reconsider their reticence.
Manufacturing was the industry most targeted by hackers during 2021, accounting for 23.2% of incidents, edging out insurance and financial services by a slim margin. IBM reported hackers are pressuring manufacturers into paying ransoms by leveraging the downstream impact that occurs when production is disrupted. Along the same lines, a previous post of mine a while back warned of hacking attacks against general contractors that cause disruptions to construction projects. “Cybercriminals usually chase the money. Now with ransomware, they are chasing leverage,” Charles Henderson, head of IBM X-Force, said in a statement.
Ransomware continues to be the top attack type, accounting for 21% of incidents remediated by IBM X-Force, but its consistency fluctuates depending on the time of year. “Triple extortion” is an emerging ransomware trend to be aware of. Hackers will encrypt and steal data as well as threaten to deploy a distributed denial-of-service attack against the targeted victim. This means the organization is “held hostage with two kinds of malicious attacks — often simultaneously — and are then further victimized by the theft (and often leak) of data,” according to the report.