Learning Library

← Back to Library

IBM X-Force Threat Intelligence Highlights

3m • Unknown Channel • security • news • intermediate • Watch on YouTube ↗

Key Points

IBM’s 2021 X‑Force Threat Intelligence Index highlights ransomware as the leading attack type, though its remediation rate fell about 9% year‑over‑year.
Supply‑chain security surged to a top priority for governments, while vulnerability exploitation was the primary initial attack vector in the manufacturing sector.
Phishing kits in 2021 most often impersonated major brands, with Microsoft, Apple, and Google topping the list of targets.
The report recommends three core security principles: adopt Zero Trust to limit lateral movement, implement security automation to speed incident response, and use extended detection and response (XDR) to out‑detect attackers.
Organizations should take concrete steps such as creating a ransomware response plan, strengthening network segmentation, automating threat‑remediation workflows, and expanding XDR visibility to better defend against the identified threats.

Sections

00:00:00 IBM X-Force Threat Index Review - The episode breaks down the 2021 IBM X‑Force Threat Intelligence Index, highlighting ransomware’s continued prevalence, heightened supply‑chain concerns, vulnerability exploitation in manufacturing, and the widespread use of phishing kits by cybercriminals.

Full Transcript

# IBM X-Force Threat Intelligence Highlights **Source:** [https://www.youtube.com/watch?v=izu86uUbpbs](https://www.youtube.com/watch?v=izu86uUbpbs) **Duration:** 00:03:51 ## Summary - IBM’s 2021 X‑Force Threat Intelligence Index highlights ransomware as the leading attack type, though its remediation rate fell about 9% year‑over‑year. - Supply‑chain security surged to a top priority for governments, while vulnerability exploitation was the primary initial attack vector in the manufacturing sector. - Phishing kits in 2021 most often impersonated major brands, with Microsoft, Apple, and Google topping the list of targets. - The report recommends three core security principles: adopt Zero Trust to limit lateral movement, implement security automation to speed incident response, and use extended detection and response (XDR) to out‑detect attackers. - Organizations should take concrete steps such as creating a ransomware response plan, strengthening network segmentation, automating threat‑remediation workflows, and expanding XDR visibility to better defend against the identified threats. ## Sections - [00:00:00](https://www.youtube.com/watch?v=izu86uUbpbs&t=0s) **IBM X-Force Threat Index Review** - The episode breaks down the 2021 IBM X‑Force Threat Intelligence Index, highlighting ransomware’s continued prevalence, heightened supply‑chain concerns, vulnerability exploitation in manufacturing, and the widespread use of phishing kits by cybercriminals. ## Full Transcript

0:00findings analysis and recommendations 0:02from the annual x-force threat 0:04intelligence index all on this episode 0:06of ibm cloud now 0:08what's up y'all my name is ian and i am 0:10back to bring you the latest and 0:12greatest news and announcements from ibm 0:14cloud 0:15we're doing something a little special 0:16this week and the entire episode will be 0:18dedicated to covering the annual ibm 0:20security x-force threat intelligence 0:22index report which was just released 0:25the threat intelligence index maps new 0:27trends and attack patterns we observed 0:29and analyzed from our data 0:31these were drawn from billions of data 0:33points ranging from network and endpoint 0:35detection devices incident response 0:38engagements domain name tracking and 0:40more 0:41given the volatile landscape and the 0:43evolution of both threat types and 0:44threat vectors you need threat 0:46intelligence insights more than ever to 0:48stay ahead of attackers and fortify your 0:50critical assets 0:52in terms of report highlights ransomware 0:54was the top attack type again in 2021 0:57although the percentage of ransomware 0:59attacks x-force remediated decreased 1:01nearly nine percent year-over-year 1:03we also saw that supply chain security 1:05was pushed to the forefront of 1:07government and policymakers attention 1:09and vulnerability exploitation was the 1:11top initial attack vector in 1:12manufacturing an industry grappling with 1:15the effects of supply chain pressures 1:17and delays 1:18x-force also closely tracked how cyber 1:20criminals were using phishing kits 1:22throughout 2021 1:23and the research revealed that microsoft 1:25apple and google were the top three 1:27brands criminals attempted to mimic 1:30overall the report findings present some 1:32pretty scary stuff but our intention is 1:34for this information to empower your 1:36organization and help build confidence 1:38in the actions you need to take to 1:40combat these threats 1:42to that end there were three main 1:43security principles x-force has found 1:45helpful in combating today's cyber 1:47threats 1:48first zero trust assists in decreasing 1:51risk of top attacks 1:53xero trust is a new way of approaching 1:55security problems that assumes a breach 1:57has already happened and aims to 1:58increase the difficulty for an attacker 2:00to move throughout a network 2:02second security automation enhances 2:05incident response speed is of the 2:07essence and automating processes can 2:09save you precious time 2:11and third extended detection and 2:13response gives a significant advantage 2:15over attackers 2:17simply put detection and response 2:19technologies provide organizations with 2:21a big advantage in identifying and 2:23eradicating attackers from a network 2:25before they are able to reach the final 2:27stage of their attack 2:29there's more valuable information in the 2:30threat intelligence index that i could 2:32ever begin to cover in this short video 2:34so i'll close this episode with four 2:36specific actions organizations can take 2:38to better secure their networks against 2:40the threats presented in the report 2:42number one develop a response plan for 2:45ransomware every industry and every 2:47geography is at risk of a ransomware 2:49attack and how your team responds to the 2:51critical moment can make all the 2:53difference in the amount of time and 2:54money lost in a response 2:57two 2:57implement multi-factor authentication on 3:00every remote access point into a network 3:02this forces threat actors to find new 3:04ways of compromising networks rather 3:06than leveraging stolen credentials 3:09number three adopt a layered approach to 3:11combat fishing there is no one tool or 3:14solution so several layers of solutions 3:16have a higher chance of catching 3:18phishing emails 3:20number four refine and mature your 3:22vulnerability management system 3:24as i said there's a ton of really good 3:26information in the threat intelligence 3:28index and i encourage you to give the 3:29whole thing a read to access the full 3:31report click the link in the description 3:33of this video 3:34thanks so much for joining me today for 3:36this episode of ibm cloud now if you're 3:38interested in learning more about the 3:39topics i've covered make sure you 3:40explore the links in the description of 3:42this video and again please don't forget 3:44to subscribe to our channel to stay up 3:46to date on what's going on in the cloud 3:48now