IE11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.
Contributed

IBM Threat Intelligence Report: Ransomware Persisted Despite Improved Detection in 2022

March 10, 2023 • 
IBM
IBM Security released its annual X-Force Threat Intelligence Index finding that although ransomware's share of incidents declined only slightly (4 percentage points) from 2021 to 2022, defenders were more successful detecting and preventing ransomware. Despite this, attackers continued to innovate with the report showing the average time to complete a ransomware attack dropped from 2 months down to less than 4 days.

According to the 2023 report, the deployment of backdoors, which allow remote access to systems, emerged as the top action by attackers last year. About 67% of those backdoor cases related to ransomware attempts, where defenders were able to detect the backdoor before ransomware was deployed. The uptick in backdoor deployments can be partially attributed to their high market value. X-Force observed threat actors selling existing backdoor access for as much as $10,000, compared to stolen credit card data, which can sell for less than $10 today.

"The shift towards detection and response has allowed defenders to disrupt adversaries earlier in the attack chain - tempering ransomware's progression in the short term," said Charles Henderson, Head of IBM Security X-Force. "But it's only a matter of time before today's backdoor problem becomes tomorrow's ransomware crisis. Attackers always find new ways to evade detection. Good defense is no longer enough. To break free from the never-ending rat race with attackers, businesses must drive a proactive, threat-driven security strategy."

The IBM Security X-Force Threat Intelligence Index tracks new and existing trends and attack patterns – pulling from billions of datapoints from network and endpoint devices, incident response engagements and other sources.

Some of the key findings in the 2023 report include:

  • Extortion: Threat Actors Go-to Method. The most common impact from cyberattacks in 2022 was extortion, which was primarily achieved through ransomware or business email compromise attacks. Europe was the most targeted region for this method, representing 44% of extortion cases observed, as threat actors sought to exploit geopolitical tensions.
  • Cybercriminals Weaponize Email Conversations. Thread hijacking saw a significant rise in 2022, with attackers using compromised email accounts to reply within ongoing conversations posing as the original participant. X-Force observed the rate of monthly attempts increase by 100% compared to 2021 data.
  • Legacy Exploits Still Doing the Job. The proportion of known exploits relative to vulnerabilities declined 10 percentage points from 2018 to 2022, due to the fact that the number of vulnerabilities hit another record high in 2022. The findings indicate that legacy exploits enabled older malware infections such as WannaCry and Conficker to continue to exist and spread.

Register and read this report and find out more about these findings and how you can improve your security posture. For any questions or requests contact your IBM Representative today.

IBM
About IBM

In business for more than 100 years, International Business Machines Corporation (IBM) is a widely held, publicly traded company listed on the New York Stock Exchange. Originally called the Computing Tabulating Recording Company, it was incorporated in the State of New York in 1911 and manufactured products ranging from commercial scale and industrial time recording equipment to tabulators and punched cards. It was renamed International Business Machines Corporation (IBM) in 1924.

IBM is one of the world's largest information technology companies, operating in over 175 countries with over 264,300 full-time employees. The company creates value for clients by providing integrated solutions and products that help them transform their businesses and engage with their customers and employees in new ways. These solutions draw from an industry-leading portfolio of consulting and IT implementation services, cloud, digital, and cognitive offerings, and enterprise systems and software, all bolstered by one of the world's leading research organizations.

IBM Technology is addressing the hybrid cloud and AI opportunity with a platform-centric approach, focused on providing client value through a combination of technology and business expertise. We provide integrated solutions and products that leverage data, information technology, deep expertise in industries and business processes, with trust and security and a broad ecosystem of partners and alliances. Our hybrid cloud platform and AI technology and services capabilities support clients' digital transformations and help them engage with their customers and employees in new ways. These solutions draw from an industry-leading portfolio of capabilities in software, consulting services, and a deep incumbency in mission-critical systems, all bolstered by one of the world's leading research organizations.

IBM Consulting delivers business transformation, technology consulting, and application operations by leveraging hybrid cloud and AI technologies from IBM, along with our ecosystem partners. To support our hybrid cloud strategy, we built up the Red Hat business to over $2.5 billion. We are pursuing a similar approach for our AI strategy with over 16,000 accredited consultants. We have also scaled our focus on the ecosystem to create multi-billion-dollar partnerships with AWS, Microsoft, and SAP. Our consulting capabilities help clients to realize value from their digital transformations, for example, a global provider of business decisioning data and analytics is leveraging watsonx for a procurement solution to improve savings, reduce time, and mitigate risk.

For more information, please visit our website at http://www.ibm.com.
See More Stories by IBM
gov-footer-logo-2024.png
GT-footer-logo.png
II-footer-logo.png
NAV-footer-logo.png
CDG-footer-logo.png
CDE-footer-logo.png
CPSAI-footer-logo.png
EM-footer-logo.png