SOME OF THE MOST VULNERABLE INDUSTRIES TO CYBER ATTACKS

Cybercrime – Statistics

These are the data compiled based on the public sources from the cyber-attack timelines that have been reported so far in 2021.

  • At 86 percent, cybercrime is the most common motivation (it was 85.82 percent in Q1 2020).
  • Malware continues to lead the Attack Techniques chart with 32.3 percent (it was 37.8 percent in Q1 2020, but one must take into account that too many ransomware attacks appear as “Unknown”).
  • At 16.7%, multiple industries topped the Target Distribution chart.

(Source: https://www.hackmageddon.com/)

Some of the Most Vulnerable Industries to Cyber Attacks

Although cybercriminals rarely discriminate, some industries are more vulnerable than others. The industries and sectors below are among the most vulnerable to cyber attacks and breaches.

Let’s first look at the latest hack, which happened on May 7, 2021, and hit the headlines as the “Colonial Pipeline attack.”

Pipeline

In the United States, there are more than 2.7 million miles of pipeline. Hazardous liquids such as crude oil, diesel fuel, gasoline, and jet fuel are transported over a distance of approximately 216,000 miles. There are currently around 3,000 pipeline firms.

Colonial Pipeline, a privately held company, is one of the country’s largest pipeline operators, supplying nearly 45 percent of the East Coast’s fuel, including gasoline, diesel, home heating oil, jet fuel, and military supplies. According to the corporation, it transports approximately 100 million gallons of fuel a day from Texas to New York.

On May 7, 2021, Colonial Pipeline announced that it had been forced to shut down operations and freeze IT systems due to a cyberattack.

According to reports, this action “temporarily froze all pipeline operations,” and cybersecurity firm FireEye, which runs the Mandiant cyber forensics team, was called in to help.

What did happen was that Colonial Pipeline’s networks were hit by a ransomware attack linked to the DarkSide organization.

The initial attack vector is unknown, but it may have been an old, unpatched vulnerability in a system; a phishing email that successfully tricked a staff member; the use of previously leaked access credentials purchased or obtained elsewhere; or any of a number of other cybercriminal tactics used to infiltrate a company’s network. It’s worth noting that DarkSide operators targeted corporate systems rather than operational systems, implying that the objective was to make money rather than to bring the pipeline down.

DarkSide is a Ransomware-as-a-Service (RaaS) group that provides its own brand of malware to customers on a subscription basis. The ransomware is currently in version 2. According to IBM X-Force, the malware, once deployed, steals data, encrypts systems using the Salsa20 and RSA-1024 encryption algorithms, and executes an encoded PowerShell command to delete volume shadow copies.
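The last behavior in that list, an encoded PowerShell command that deletes volume shadow copies, is something defenders can look for in process-creation logs. The following is an added example, not code from the original article or from IBM X-Force: it decodes `-EncodedCommand` arguments and flags shadow-copy deletion. The host names, command lines and signature patterns are constructed for illustration.

```python
import base64
import binascii
import re

# "-e", "-enc", "-EncodedCommand" ...: PowerShell accepts any prefix of the name.
ENC_ARG = re.compile(r"(?i)\s[-/](e[a-z]*)\s+([A-Za-z0-9+/=]{16,})")
# Strings that indicate shadow-copy deletion (assumed signature set, not exhaustive).
SHADOW_PATTERNS = [
    re.compile(r"(?is)win32_shadowcopy.*\b(delete|remove-wmiobject|remove-ciminstance)\b"),
    re.compile(r"(?i)vssadmin(\.exe)?\s+delete\s+shadows"),
]

def decode_blob(blob):
    """Decode a -EncodedCommand argument (base64 over UTF-16LE); None if invalid."""
    try:
        return base64.b64decode(blob, validate=True).decode("utf-16-le")
    except (binascii.Error, UnicodeDecodeError):
        return None

def classify(cmdline):
    """Return 'shadow-copy-deletion', 'encoded-other', 'encoded-undecodable' or None."""
    texts, verdict = [cmdline], None
    for m in ENC_ARG.finditer(cmdline):
        flag = m.group(1).lower()
        if not ("encodedcommand".startswith(flag) or flag == "ec"):
            continue  # a different switch, e.g. -ExecutionPolicy
        script = decode_blob(m.group(2))
        if script is None:
            verdict = verdict or "encoded-undecodable"
        else:
            texts.append(script)  # inspect the decoded script as well
            verdict = "encoded-other"
    if any(p.search(t) for t in texts for p in SHADOW_PATTERNS):
        return "shadow-copy-deletion"
    return verdict

def encode_ps(script):
    """Build a constructed sample argument in the encoding PowerShell expects."""
    return base64.b64encode(script.encode("utf-16-le")).decode("ascii")

# Constructed process-creation events (host, command line); not real telemetry.
SAMPLE_EVENTS = [
    ("ws-014", "powershell.exe -NoP -W Hidden -enc "
     + encode_ps("Get-WmiObject Win32_ShadowCopy | ForEach-Object { $_.Delete() }")),
    ("ws-022", "powershell.exe -EncodedCommand " + encode_ps("Get-Date")),
    ("srv-03", "powershell.exe -ExecutionPolicy Bypass -File C:\\scripts\\backup.ps1"),
    ("ws-031", "powershell.exe -e QUJDREVGR0hJSktMTU5P"),  # valid base64, not UTF-16LE
]

def triage(events):
    """Return (host, verdict) for every event that deserves analyst attention."""
    return [(h, v) for h, c in events if (v := classify(c))]

if __name__ == "__main__":
    for host, verdict in triage(SAMPLE_EVENTS):
        print(f"{host}: {verdict}")
```

Matching on the decoded script rather than the raw command line is the point: the base64 argument hides the shadow-copy keywords from simple string rules.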

At the time of the attack, supply shortage concerns pushed gasoline futures to their highest level in three years. Demand has risen, but drivers are being urged not to panic buy, as this may affect prices that have already increased by six cents per gallon within the past week due to the pipeline disruption.

With normal operations adversely impacted, the nation will likely see fluctuations and possibly a rise in prices owing to demand for fuel supplies in affected regions within the US.

On May 13, Bloomberg reported that the company paid a ransom demand of nearly $5 million in return for a decryption key.

What should the Pipeline companies do to comply?

Certainly not another “check-the-box kind of compliance” regime. For the first time, the Department of Homeland Security is aiming to regulate cybersecurity in the pipeline business.

Officials said the Department of Homeland Security’s new cybersecurity rules for pipeline businesses are just the “first step” in a “multi-pronged” attempt to prevent a repeat of the deadly Colonial Pipeline ransomware assault. DHS is all set to issue the first cybersecurity regulations for pipelines.

Pipeline firms must alert the Cybersecurity and Infrastructure Security Agency (CISA) within 12 hours if a hack interferes with or threatens to impair their operations, according to the “Round 1” standards.

According to TSA’s new security mandate, pipeline firms must disclose cyber events to TSA and CISA and have a cyber official, such as a chief information security officer, with a direct line to TSA and CISA to report an attack 24 hours a day, seven days a week. It will also compel businesses to review their systems’ security against existing cyber rules; currently, any gaps are addressed on a voluntary basis.

Officials said the new guidelines, which are anticipated to be released in the coming weeks, will oblige corporations to remedy any errors and address any shortfalls or face financial penalties. They will signal a significant shift for TSA, which has previously depended on consultation with pipeline firms rather than imposing statutory standards.

Security procedures such as verifying remote network connections on a regular basis are outlined in the current TSA standards. Experts agree that a “performance-based” approach is preferable, stating, for example, that the aim of reviewing such connections is to verify that a hacker cannot break into an industrial control system. The aim is to define the company’s core objectives, which will allow it to develop and keep up with technology in order to achieve them, according to experts.

Healthcare

This year, healthcare institutions remain the most vulnerable to cyber-attacks. Last year, data breaches and ransomware attacks cost the industry an estimated $4 billion, accounting for more than four out of 10 breaches.

The healthcare business is in charge of a great deal of personal information contained in their patients’ medical records. Every year, nearly one million records are compromised. According to the PwC Health Research Institute, these attacks cost an average of $200 for each patient. Downtime at the plant, reputation repair, litigation, and company loss are all included. However, preventing such an attack from ever occurring costs only roughly $8 per patient.

Ransomware assaults have also become relatively “popular.” These attacks target the hospital’s vital life support systems, which, if disrupted, can result in the death of a large number of people.

Manufacturing

Manufacturing enterprises (such as those in the automotive, electronics, textile, and pharmaceutical industries) are also particularly vulnerable. Automobile manufacturers were the target of almost 30% of the attacks in this industry. Chemical makers were a close second.

Finance

According to a Clearswift survey conducted in the United Kingdom, more than 70% of financial institutions have been hacked.

According to special research on cyberattacks on US 401(k)s and retirement plans, money that has been wrongfully taken from retirement accounts is impossible to recoup.

According to a report on retirement plans, IRA contribution limits increased to $6,000 in 2019, with catch-up contributions of $1,000 for those 50 and over.

Experts predict that, with the plans reaching about $6 trillion this year, it will be increasingly in the crosshairs of criminals, especially since the account holders are considerably less likely to be up to date on the current cybersecurity trends.

Institutions are spending a lot of money on cybersecurity these days, making them much safer and less vulnerable than they were previously. J.P. Morgan Chase, Bank of America, Citibank, and Wells Fargo have all put $1.5 billion into cyber protection. Cybercriminals are increasing their investment in their tactics and strategies as a result. They also prefer to target smaller businesses in the financial sector, because many of these businesses don’t have the time or money to invest in cybersecurity.

Government Agencies

Hackers would want to get their hands on data from government organizations, such as security information, commercial contracts, social security numbers, birthplaces, and digital fingerprints. You’ll be surprised by the number of attacks on the government. According to Info Guard Security, the Pentagon’s five websites have 138 cybersecurity flaws. Since 2006, this number has climbed by 1,300 percent. In just one year, 11 of the government’s 18 high-impact systems were subjected to 2,267 cyberattacks, 500 of which resulted in the introduction of harmful code into their systems.

Although the government believes that rotating its in-house IT team will solve the problem, it puts the security of the material in danger. Due to government bureaucracy, which also makes it difficult to swiftly purchase systems that protect themselves against today’s dangers, this isn’t likely to change very soon. As a result, today’s attacks are much more successful than those of the past.

Small and Medium-sized Business

Small enterprises are the target of 43% of cyber attacks. While the media has focused on significant cyber-attacks like Target, Netflix, and financial institutions like JP Morgan, small and medium-sized enterprises have been the most frequently targeted. As a result, 85 percent of small firms want to boost their investment in managed security services.

According to industry analysts, 60 percent of small businesses would collapse within six months due to a cyber-attack, which can range from phishing schemes to malware attacks. Furthermore, there appear to be some industries that cybercriminals prioritize.

Construction

Phishing is still one of the most common attack vectors used by hackers, making the human factor one of the most vulnerable aspects of a company. According to phishing research, the construction industry is the most vulnerable to phishing assaults of all businesses. Construction organizations are particularly vulnerable to ransomware and malware since highly private designs, blueprints, bids, financial information, and even Personally Identifiable Information (PII) are typically maintained on a single system. Companies that are attacked face long-term implications such as lost sales and negative press coverage, in addition to financial loss.

Retail

Some people are surprised that hackers target the retail industry. However, this mindset encourages retailers to deploy ineffective security measures, making them easy targets for hackers today. These hackers aren’t targeting the retailer’s inventory or orders, but rather the credit card information of their customers, which they maintain on file. Additionally, these retailers are occasionally hacked by competitors who seek to know about their customers’ online behavior to upsell and cross-sell. As a result, this industry sees a lot of sponsored attacks, as well as DDoS attempts during peak business hours.

CEOs’ Concerns about Cybercrime

According to the annual CEO survey conducted by PwC in 2020, cybersecurity is the top concern for senior executives in North America, with half of those polled expressing “severe concern” about their cyber vulnerabilities. Furthermore, organizations are preparing for 2021 cybersecurity dangers as data breaches and attacks become more common, with estimates indicating one every 5 minutes since GDPR legislation went into effect.

Investors and other stakeholders are also putting increasing pressure on businesses. This is the case with cybersecurity, which many companies have confined to the CIO’s domain when what’s needed is a comprehensive approach to managing corporate complexity while developing a governance and shared-responsibility framework.

Corporate complexity has its drawbacks. The complexity caused by firms expanding their external partnerships to offer digital solutions and layering them onto old IT architecture tends to increase cyber risk. It’s easy to get caught up in the lure of concentrating security efforts on risk dashboards, surveillance, and technology projects. Leaders who are serious about cybersecurity, on the other hand, must embrace simplicity in their strategic discussions about business models, ecosystems, and internal processes.

Cybercrime rise in Europe

Cyber is the greatest threat for CEOs in North America and Western Europe.

CEOs in the asset and wealth management, insurance, private equity, banking and capital markets, and technology industries are most concerned about the cyber threat.

According to a recent estimate by DLA Piper, European businesses experienced 60,000 data breaches in the eight months following the GDPR’s implementation, or one every five minutes. Ransomware attacks are also on the rise, with more than 350% of firms reporting that their security risk has increased significantly since 2017. According to a report by PrivacyAffairs, cyber warfare is on the rise, which implies that enterprises, governments, and consumers must think twice about their data.

The reports appear to be reflected in the media, with recent data breaches reported by Microsoft, Facebook, and even home improvement retailer B&Q. While both Microsoft and Facebook were hacked, B&Q’s shop theft records were made public merely because the data was housed on open source search engine technology that was not set up to require user-ID authentication.

This highlights an often-overlooked truth about data breaches: Although cyber attacks garner greater attention in the media, data breaches are more commonly caused by human error or plain ignorance.

In just eight months, 60,000 data breaches have occurred in European companies.

According to recent estimates, more than 59,000 data breaches have been recorded across Europe since data protection regulations were enacted last year.

According to legal firm DLA Piper, the Netherlands, Germany, and the United Kingdom topped the list of countries with the most reported breaches in the eight months since the new GDPR legislation went into effect.

Public and private organizations in the 26 European countries where data is accessible reported breaches ranging from trivial mistakes like misdirected emails to massive cyber intrusions.

Following an outbreak by ransomware NotPetya, even DLA Piper was struck by a cyberattack in 2017, with workers’ access to emails and documents being blocked.

Cybersecurity Solutions

Every industry faces its own set of security issues. Developing and maintaining effective cybersecurity plans necessitates a thorough grasp of a company’s cyber history and threat landscape.

Every business is vulnerable to data breaches, system hacks, virus or ransomware attacks, and cybercriminals gaining unauthorized access to their network’s processing power.

We live in a digital world full of cyber dangers and vulnerabilities on a global scale. For critical infrastructure cybersecurity, both public and private sector security specialists will need to use a highly collaborative and networked platform.

“Securing critical infrastructure is a shared duty — shared by Federal, State, Local, Tribal, and Territorial governments; private organizations; and ordinary citizens,” according to the Department of Homeland Security (DHS). As a result, even on a macroeconomic level, cybersecurity has become a shared responsibility in our daily lives.

Methods for preventing data breaches that have been demonstrated to be effective.

Inventory of Assets

An asset inventory can be used to categorize and rate the threats and vulnerabilities that assets might face. Categorizing and rating these vulnerabilities helps to better prioritize the remediation efforts for these assets.

Endpoint protection has become increasingly important as a result of data breaches. Antivirus software alone is insufficient to prevent a big data breach. In fact, relying solely on anti-virus protection leaves endpoints, such as computers and laptops, vulnerable. PCs and laptops might serve as a primary entry point for hackers.

A complete endpoint solution will use encryption to minimize data loss and leakage and enforce uniform data protection standards across all servers, networks, and endpoints, lowering the chance of a data breach.

Vulnerability and Compliance Management

A Vulnerability and Compliance Management (VCM) solution can be used to detect holes, flaws, and security misconfigurations in physical and virtual environments. VCM can monitor your infrastructure and IT assets in real time for vulnerabilities, compliance flaws, and best configuration practices.

Among the benefits that help mitigate a data breach, VCM allows the security team to better understand the security vulnerability risks of the environment, i.e., the threat landscape, and the priorities around what needs to be remediated. With effective Vulnerability and Compliance Management, you can establish an action plan to address these vulnerabilities and assign them to the right staff members.

Security Posture Audits on a regular basis

Regular audits will aid in assessing security posture by identifying any new weaknesses in compliance or governance. In comparison to vulnerability assessments or penetration testing, a security audit will provide a more detailed examination of your security procedures. A security audit takes into account the organization’s dynamic character as well as how it handles information security.

Train and Educate Your Employees

After the completion of security policy audits, prepare and put in place a written employee data privacy and security policy. Regular security training will be necessary to ensure that all employees are aware of the newly implemented policies – after all, people cannot freely follow unfamiliar policies.

About databrackets

databrackets is accredited to ISO/IEC 17020 by the American Association for Laboratory Accreditation (A2LA) for Cybersecurity Inspection Body Program (Certificate Number: 5998.01)

databrackets received accreditation by the International Accreditation Service (IAS) to provide ISO/IEC 27001 for Information Security Management Systems (ISMS) and joins an exclusive group of certification bodies.

databrackets certified privacy and security professionals could help your organization comply with a range of Certifications and Compliances that include HIPAA/HITECH, PCI Data Security, CCPA, OSHA, GDPR, Penetration Testing, FDA CFR Part 11, ISO 27000, Cloud Security Management, NIST Framework, Cybersecurity Framework, SOC Certification, Third-party Assessment, NYDPS Cybersecurity Series, ISO 17020, and ISO 27001.

databrackets assists organizations in developing and implementing practices to secure sensitive data and comply with regulatory requirements. By leveraging databrackets’ SaaS assessment platform, awareness training, policies, and procedures, and consulting expertise, you can meet the growing demand for data security and evolving compliance requirements more efficiently.

To learn more about the services, please visit www.databrackets.com.

Our mission is to assist organizations in developing and implementing practices to secure data and comply with regulations. With several years of experience in the IT and health care industries, databrackets is poised to meet the needs of your organization via: - Consulting Services - Online, Do-it-yourself Toolkits for Security Risk Assessment - Education (Training, Webinar, and Workshops) For details on how databrackets can provide customized assistance for your organization, please contact us at info@databrackets.com.