IBM Security’s X-Force Threat Intelligence Index has revealed that the Middle East and Africa (MEA) region experienced steady levels of ransomware incidents at 18% in 2022, while globally, defenders were more successful in detecting and preventing ransomware attacks. Despite this, attackers have continued to innovate, with the average time to complete a ransomware attack dropping from two months to less than four days globally. The report highlighted that backdoor deployments, which enable remote access to systems, emerged as the most common action by attackers in the MEA region, with 27% of cases detected in 2022.
The report also revealed that the deployment of backdoors in the region can be partially attributed to their high market value, with existing backdoor access selling for up to $10,000, compared to stolen credit card data, which sells for less than $10 per card today. To combat these evolving cyber threats, Frida Kleimert Knibbs, Security Leader at IBM MEA, emphasised the importance of threat intelligence in safeguarding against these threats. She highlighted the critical role of proactive security risk management and evolving incident response planning to address the ever-evolving cybersecurity landscape.
The report’s key findings indicate that extortion was the most common impact from cyberattacks in 2022, primarily achieved through ransomware or business email compromise attacks. Extortion and financial loss each accounted for half of identified impacts in incidents across the MEA region in 2021. The manufacturing industry was the most extorted globally in 2022 and the most attacked industry for the second consecutive year. The report revealed that manufacturing organisations are an attractive target for extortion due to their low tolerance for downtime.
The report also highlighted a significant rise in thread hijacking in 2022, with attackers using compromised email accounts to pose as the original participant in ongoing conversations. This tactic enabled the delivery of malicious software that often resulted in ransomware infections. The report also revealed that legacy exploits enabled older malware infections, such as WannaCry and Conficker, to continue to exist and spread. In addition, the number of cybercriminals targeting credit card information in phishing kits dropped 52% globally in one year, indicating that attackers are prioritising personally identifiable information such as names, emails, and home addresses.
In the MEA region, the finance and insurance industry was the most targeted, accounting for 44% of incidents in 2022. Professional, business, and consumer services accounted for 22% of attacks, while manufacturing and energy tied for third place at 11%. Overall, the report offers valuable insights into the global threat landscape and informs the security community about the most relevant threats to their organisations. Organisations across the MEA region should remain vigilant and prioritise threat intelligence to strengthen their defences against these evolving cyber threats.
Download a copy of the 2023 IBM Security X-Force Threat Intelligence Report here.
