Cyberattacks swarmed Asia in 2021

Manufacturing was the most targeted industry globally in 2021, as ransomware and vulnerability exploitations together were able to “imprison” businesses, according to the IBM X-Force Intelligence Index.

While phishing was the most common cause of cyberattacks in general in the past year, IBM Security X-Force observed a 33% increase in attacks caused by vulnerability exploitation of unpatched software, a point of entry that ransomware actors relied on more than any other to carry out their attacks in 2021.

This represented the cause of 44% of ransomware attacks in 2021, as ransomware actors attempted to “fracture” the backbone of global supply chains with attacks on manufacturing.

Experiencing more ransomware attacks (23%) than any other industry, attackers wagered on the ripple effect that disruption on manufacturing organisations would cause their downstream supply chains to pressure them into paying the ransom. 

Almost half (47%) of attacks on manufacturing were caused due to vulnerabilities that victim organisations had not yet or could not patch, highlighting the need for organisations to prioritise vulnerability management.

Experiencing over one in every four attacks that IBM observed globally in 2021, Asia saw more cyberattacks than any other region in the past year. Financial services and manufacturing organisations together experienced nearly 60% of attacks in Asia.

In Asia including Australia and the Pacific Islands, server access attacks (20%) and ransomware (11%) were the top two attack types of Asian organisations in 2021, followed closely by data theft (10%).

The high percentage of server attacks suggests that Asian firms are adept at identifying attacks quickly before they escalate in to more concerning attack types. Remote access trojans and adware tied for fourth place, at 9% of attacks.

In Asia, REvil made up 33% of ransomware attacks, and Bitlocker, Nefilim, MedusaLocker and Ragnar Locker were significant players as well.

Vulnerability exploitation and phishing tied for the top infection vector at Asian organisations in 2021, both leading to 43% of attacks observed in the region.

Brude force (7%) and use of stolen credentials (7%) were also occasionally used to gain initial access to networks.

In Asia, finance and insurance firms were attacked most frequently, making up 30% of the incidents X-Force remediated, followed closely by manufacturing (29%) and then more distantly by professionaly and businesses services (13%) and transportation (10%).

Globally, finance and insurance was the top-attacked industry X-Force observed from 2015-2020, so Asia experienced a continuation of this worldwide trend X-Force has observed for years.

Japan, Australia and India were the most-attacked countries in Asia.