May 2022 marks the one year anniversary of the massive cyber attack on energy pipeline operator Colonial Pipeline. The attack subsequently led to widespread fuel shortages along the East Coast. The investigation by the US Department of Transportation’s Pipeline and Hazardous Materials Safety Administration (PHMSA) concluded that management failings at the company are ultimately responsible, resulting in a possible $1m civil penalty.
The Colonial Pipeline attack alerted the public to the destructive power of a single, well-targeted attack. The incident demonstrated how it can bring critical infrastructures, in government and business alike, to its knees.
While the attack has become a wake-up call for most organizations, there are still 29% of companies surveyed across the globe who believe “that won’t happen to us”. These days, your business does not have to be an industry giant like Colonial Pipeline to be a target of cyber criminals.
In a digitally connected world, all organizations are vulnerable to cyber attacks regardless of size. Some are just more attractive targets than others. Here are the top 10 industries that are most in danger from digital assaults according to the 2021 X-Force Threat Index Report.
1. Finance and Insurance
Roughly 28% of attacks on finance and insurance were server access attacks, and 10% of attacks involved ransomware.
Since 2016, the finance and insurance sector has been ranked as the most-attacked industry, a position it continued to hold in 2020. Financial institutions experienced 23% of all attacks IBM X-Force analyzed in 2020, up from the 17% of attacks the sector experienced in 2019.
21% of ransomware attacks targeted the manufacturing sector. Remote access trojan and BEC (Business Email Compromise) attacks happen 4X more in manufacturing companies than in any other industry. BEC is an exploit in which an attacker obtains access to a business email account and imitates the owner’s identity, in order to defraud the company and its employees, customers or partners.
The 3rd most attacked industry suffered roughly 35% of attacks consisting mainly of attempted data theft and leaks. Server access attacks on the energy sector hit organizations hard in 2020, and this industry came in fourth place after health care for the highest number of such attacks.
36% of attacks on retail were credential theft; 18% of attacks on retail were ransomware. As the fourth most attacked sector, retail is a hub of credit card payments and other financial transactions, making it a lucrative target for malicious threat actors.
5. Professional Services
35% of attacks on professional services were ransomware attacks — a higher percentage than any other industry suffered; 13% of attacks on professional services were data theft and another 13% were server access attacks. Professional services holds the same rank as last year, maintaining its attractiveness to attackers because of the confidential data they typically hold on people.
More than one-third (33%) of attacks on government were ransomware — the second highest percentage out of all industries; 25% of attacks on government were attempted data theft and leaks.
The public sector — including defense, public administration and government-provided services — receive 7.9% of all attacks on the top-10 industries. This places the government sector on the same spot as last year’s ranking, suffering 8% of attacks across the list of top 10 most vulnerable industries.
Healthcare saw 28% of ransomware attacks during an especially stressful year with 17% of the incidents involving CVE-2019-19781, a risky vulnerability in the Citrix Application Delivery Controller.
In terms of its ranking, healthcare is up three places from its former number ten spot for having absorbed 6.6% of all attacks on the list. This significant jump is attributed to the COVID19-related ransomware attacks targeting research and treatments. These types of threats continue to affect healthcare and health research organizations today and should signal heightened vigilance.
8. Media and Information Communications
90% of malicious domain name system (DNS) squatting targeted the media, the most spoofed industry. This sector includes telecommunications and mobile communications providers, as well as media and social media outlets that can play a critical role in political outcomes, especially during election years.
Media is targeted by 5.7% of all attacks on the top 10 industries — down from fourth place last year.
The transportation sector experienced 5.1% of all attacks, down from 10% from the previous year. 25% of attacks against transportation in 2020 involved a malicious insider or misconfiguration. Transportation significantly dropped from its top 3 ranking and now placed ninth. The travel bans of the last two years could be attributed to the decrease in attacks.
50% of the attacks on education in 2020 were spam or adware while 10% were ransomware. The education sector suffered 4% of all attacks on the list, moving down from seventh place when it previously received 8% of all attacks.
Although the education industry saw a smaller portion of attacks overall, it remains a vulnerable sector because security budgets are limited where risks are at the highest. This is due to its decentralized network of students and staff accounting for a large attack surface, making it an easy target for cyber criminals.
Does your industry belong to the Top 10 Most Targeted List?
Business operators must assume that in a digitally connected world, cyber attacks are no longer a matter of “if” but “when”. UDTSecure provides its security team and SOC capabilities to enable a 24/7 solution that is fully-integrated into your infrastructure and applications, all as a single service.
24/7 Monitoring & SOC
Threats never take a break, and neither should your security operations solution. UDTSecure provides continuous monitoring and immediate alert and response to security events, with SOC capabilities through a comprehensive interface.
Our managed services and SOC solutions are fully-integrated into your IT infrastructure and applications, giving you a single, comprehensive, centralized approach to security operations.