For the third year in a row, ransomware was the top type of attack globally in 2021, despite some successes last year by authorities in taking down ransomware groups. This was one of the key findings of IBM Security's latest research published in the 10th annual X-Force Threat Intelligence Index, a comprehensive view of the global threat landscape based on data collected from January to December 2021.
The report underscores the resilience of ransomware, which earns millions of dollars for cybercriminal gangs and threatens to disrupt businesses, supply chains and entire industries. Manufacturing has taken the brunt of these attacks as the industry has risen in the rankings to be the most attacked industry, surpassing finance and insurance for the first time since 2016.
Additionally, the report highlights the resurgence of phishing attacks as the top initial attack vector in the past year. Vulnerability exploitation was just behind phishing as the number two attack vector, while the number of disclosed vulnerabilities continues to rise to record highs. The vulnerability in Apache Log4j was quickly exploited after it was discovered in December, showing threat actors' ability to leverage newly disclosed security vulnerabilities to launch their attacks.
Below, we go into more detail about these key findings and provide some key recommendations for combating these threats during a time of constant change.