IBM has revealed several trends dominating the threat landscape in its X-Force Threat Intelligence Index 2021 report. It is a yearly assessment, covering data and findings from January to December 2020.

What’s in the report?

The assessment report uncovered that Linux-related malware threats are rising and cybercriminals are spoofing top technology brands and shifting their tactics in response to the evolving COVID-19 situation.
  • X-Force collaborator Intezer discovered that Linux-based malware rose at 40% year-over-year from 2019 to 2020. It has recorded a growth of 500% from 2010 to 2020.
  • Cybercriminals are making heavy investments in creating new Linux crypto-mining malware
  • Ransomware strains including RansomEXX and SFile have turned up with Linux versions. In addition, top threat actors including ITG14, ITG05, and ITG11 were observed creating Linux variants of their own malware.

Additional insights

The X-Force Threat Intelligence Index 2021 report reveals more changes in the cyber threat landscape worldwide.
  • Besides the creation of Linux malware variants, big game hunting ransomware groups were discovered to be exploiting cloud services, such as MEGA or pCloud, to save and leak victim data.
  • In 2020, cybercriminals exploited consumer’s trust in well-known brands, such as Google, YouTube, Facebook, and Amazon, by creating malicious domains and fake websites mimicking these companies.
  • IBM spotted a huge increase in COVID-19-related spam campaigns in March and April 2020, resulting in over 6,000% increase. From June 2020, COVID-19-related scams dropped to 1% of all the observed spam. This trend is likely to continue in 2021 as well.


With the ever-increasing threat of the second wave of COVID-19, it can be said that cybercriminals may again try to use similar tricks to lure more victims. In such situations, reports like these can assist organizations to better understand the evolution of threats, assess risk, and prioritize cybersecurity efforts.

Cyware Publisher