IBM Report Reveals that Manufacturing Felt Brunt of Cyberattacks in 2021

IBM Security has released its annual X-Force Threat Intelligence Index unveiling how ransomware and vulnerability exploitations together were able to hurt businesses in 2021, further burdening global supply chains, with manufacturing emerging as the most targeted industry.

IBM Security X-Force said that while phishing was the most common cause of cyberattacks in general in the past year, it observed a 33% increase in attacks caused by vulnerability exploitation of unpatched software, a point of entry that ransomware actors relied on more than any other to carry out their attacks in 2021, representing the cause of 44% of ransomware attacks.

The 2022 report details how in 2021 ransomware actors attempted to damage global supply chains with attacks on manufacturing, which became 2021's most attacked industry (23%), replacing financial services and insurance after a long reign. Experiencing more ransomware attacks than any other industry, attackers wagered on the ripple effect that disruption on manufacturing organizations would cause their downstream supply chains to pressure them into paying the ransom. An shocking 47% of attacks on manufacturing were caused due to vulnerabilities that victim organizations had not yet or could not patch, highlighting the need for organizations to prioritize vulnerability management.

The 2022 IBM Security X-Force Threat Intelligence Index maps new trends and attack patterns IBM Security observed and analyzed from its data—drawing from billions of data points ranging from network and endpoint detection devices, incident response engagements, phishing kit tracking, and more.

Some of the top highlights in this year's report include:

  • Ransomware gangs defy takedowns: Ransomware persisted as the top attack method observed in 2021, with ransomware groups showing no sign of stopping, despite the uptick in ransomware takedowns. According to the 2022 report, the average lifespan of a ransomware group before shutting down or rebranding is 17 months.
  • Vulnerabilities expose businesses' biggest "vice”: X-Force reveals that for businesses in Europe, Asia and MEA, unpatched vulnerabilities caused approximately 50% of attacks in 2021, exposing businesses' biggest struggle– patching vulnerabilities.
  • Early warning signs of cyber crisis in the cloud: Cybercriminals are laying the groundwork to target cloud environments, with the 2022 report revealing a 146% increase in new Linux ransomware code and a shift to Docker-focused targeting, potentially making it easier for more threat actors to leverage cloud environments for malicious purposes.

"Cybercriminals usually chase the money. Now with ransomware they are chasing leverage," said Charles Henderson, head of IBM X-Force. "Businesses should recognize that vulnerabilities are holding them in a deadlock?as ransomware actors use that to their advantage. This is a non-binary challenge. The attack surface is only growing larger, so instead of operating under the assumption that every vulnerability in their environment has been patched, businesses should operate under an assumption of compromise, and enhance their vulnerability management with a zero trust strategy."

To access the report, go to