IBM: Ransomware incidents are down, but attacks are faster

Ransomware incidents were down slightly from 2021 but 2022, but the cyber miscreants behind the attacks became faster in creating digital disruptions, according to the newly published X-Force Threat Intelligence finding from IBM (NYSE:IBM) Security.

The new report determined that while the share of incidents declined by four percentage points from 2021 to 2022, the average time to complete a ransomware attack dropped from two months down to less than four days.

“The shift towards detection and response has allowed defenders to disrupt adversaries earlier in the attack chain ”“ tempering ransomware’s progression in the short term,” said Charles Henderson, head of IBM Security X-Force. “But it’s only a matter of time before today’s backdoor problem becomes tomorrow’s ransomware crisis. Attackers always find new ways to evade detection. Good defense is no longer enough. To break free from the never-ending rat race with attackers, businesses must drive a proactive, threat-driven security strategy.”

According to the new report, the deployment of backdoors ”“ which allow remote access to systems ”“ was the top action by attackers last year. Slightly more than two-thirds backdoor cases related to ransomware attempts involved defenders that were able to detect the backdoor before ransomware was deployed.

Manufacturing was the most attacked and the most extorted industry in 2022. The most common impact from cyberattacks in 2022 was extortion, which was primarily achieved through ransomware or business email compromise attacks. Europe was the most targeted region for this method, representing 44% of extortion cases observed, as threat actors sought to exploit geopolitical tensions. However, Asia saw more cyberattacks than any other region, manufacturing accounting for nearly half of all cases observed across that continent last year.