Asia was the most-attacked region by cyber-criminals in 2021, accounting for one in four attacks globally, and India was among the top three nations that experienced the most server access and ransomware attacks in the region, a new report showed on Thursday.
Server access attacks (20 percent) and ransomware (11 percent) were the top two attack types on Asian organizations in 2021, followed closely by data theft (10 percent).
“Japan, Australia, and India were the most-attacked countries in Asia. The high percentage of server access attacks in Asia suggests that Asian organizations are adept at identifying attacks quickly before they escalate into more concerning attack types,” said researchers from IBM’s X-Force Threat Intelligence team.
Remote access trojans and adware tied for fourth place, at 9 percent of attacks.
In Asia, REvil made up 33 percent of ransomware attacks, and Bitlocker, Nefilim, MedusaLocker, and Ragnar Locker were significant players as well.
Vulnerability exploitation and phishing tied for the top infection vector at Asian organizations in 2021, both leading to 43 percent of attacks observed in the region.
Brute force (7 percent) and use of stolen credentials (7 percent) were also occasionally employed to gain initial access to networks.
In Asia, finance and insurance organizations were attacked most frequently, making up 30 percent of the incidents X-Force remediated, followed closely by manufacturing (29 percent) and then more distantly by professional and business services (13 percent) and transportation (10 percent).
“The high portion of server access attacks might point to Asian organizations’ ability to identify such attacks quickly before they escalated to more critical forms of attacks, said the IBM team.
Europe and North America followed closely behind, garnering 24 percent and 23 percent of attacks, respectively, and the Middle East and Africa and Latin America received 14 percent and 13 percent of attacks, respectively.
“Experiencing more ransomware attacks than any other industry, attackers wagered on the ripple effect that disruption on manufacturing organizations would cause their downstream supply chains to pressure them into paying the ransom,” the report stressed.