IBM Security's annual X-Force Threat Intelligence Index uses data derived from across our teams and managed clients to gather insights about the topmost targeted industries every year, helping organizations manage risk and resource investment in their security programs.
When it comes to managing digital risk and handling potential cyberattacks, each industry faces its own unique attack landscape, as different threat actors, motivations, assets and geopolitical events drive adversarial activity in each sector.
To map the most targeted industries, IBM used data insights from 2020 attacks to look at what might be expected in 2021. The data showed finance, manufacturing and energy at the very top of a list of targeted sectors.
Top 10 Industries
Figure 1: Top 10 industries by attack volume, 2020 versus 2019
While finance has been a topmost constituent on that chart for the past 5 years, the manufacturing and energy sectors saw a hike in attacks, jumping 5 levels from their respective 2019 rankings, as if turning a pyramid on its head.
Manufacturing — ranked as the eighth most attacked in the 2019 report — jumped to second place in 2020. This may be driven by the interest malicious actors have in targeting infrastructure with connections to operational technology (OT). Similarly, energy jumped from ninth place in 2019 to third place in 2020, further underscoring attackers' focus on OT-connected organizations in 2020.
Health care jumped from last place in 2019 to seventh place in 2020, probably driven by COVID-19-related health care attacks and a barrage of ransomware attacks against hospitals. Transportation continued to drop in 2020, falling to ninth place, compared to third in 2019. This could be related to less transportation usage during the pandemic.
Why were the top-ranking sectors attacked that much more in 2020? Attackers could be looking for organizations where they could either steal more money with less effort, apply pressure for high-stakes returns or inflict kinetic damage.
The types of attacks that were most prevalent in each sector differed:
- The financial sector was affected by a large portion of server attacks, data theft and some ransomware cases. These attack types are consistent with attacker motivations in targeting organizations that move money around a lot. Paralyzing banks is less of a goal, but accessing internal systems can yield hefty illicit returns, highlighting the need for strong banking cybersecurity.
- In the manufacturing sector, where every minute of downtime is a costly matter, there was a high percentage of ransomware attacks, indicating threat actors sought to disrupt operations in places where the pressure to pay a ransom would be great. In 2020, the manufacturing industry also became more critical than ever, with the production of personal protective equipment and other critical supplies. The sector saw increased activity across the globe, which could have been a reason for attackers to target it at its busiest time, launching data theft and business email compromise (BEC) attacks on manufacturers across the globe.
- In the energy sector, 35% of attacks were data theft and only 6% involved ransomware, likely indicative of threat actors who are after intellectual property, customer data or ways to extort organizations. Another popular attack type in this sector was the BEC attack.
Figure 2: Percentage breakdown of industry attacks by type, per X-Force incident response data, 2020
Highlights From 2020's Top 10
A breakdown of the top 10 most targeted industries also features retail, professional services, government, health care, media, transportation and education. While it ranked seventh in 2020, the number of attacks on health care more than doubled compared to 2019, and almost a third of all attacks on the health care sector were ransomware instances. The health care sector is going through extremely challenging times, having to respond to a global pandemic while increasingly being targeted by sophisticated cyber crime and nation-state threat actors out to disrupt and steal data from organizations in this industry.
Another sector where ransomware reigned supreme was the government sector — 33% of attacks on government entities involved ransomware. But while this attack type looms large, according to a 2020 IBM Security study, only 38% of state and local government employees are trained on ransomware prevention, with one in six respondents disclosing their department was impacted by a ransomware attack. This data is a call to action for government security teams to prepare and train for the possibility of an attack on their networks, especially in a work-from-home era.
The education sector was heavily spammed and also saw ransomware attacks target its networks, in many cases leaving schools unable to continue operating until the situation was resolved. These attacks did not only target higher education; K-12 schools were also affected, making pandemic-era studying difficult.
Figure 3: Top attacked industries in 2020 as a percentage of attacks on the top 10 industries
Per Industry Breakdown
The 2021 X-Force Threat Intelligence Index further breaks down the types of attacks in each industry and the trends that shaped them. The following sections provide a summary of each of the top 10 constituents:
1. Finance and Insurance
Roughly 28% of attacks on finance and insurance in 2020 were server access attacks, and 10% of attacks involved ransomware.
Since 2016, the finance and insurance sector has been ranked as the most-attacked industry, a position it continued to hold in 2020. Financial institutions experienced 23% of all attacks IBM X-Force analyzed in 2020, up from the 17% of attacks the sector experienced in 2019.
2. Manufacturing
We observed 21% of ransomware attacks happen against manufacturing. Four times more BEC attacks were experienced in manufacturing companies than in any other industry.
Manufacturing ranked as the second most-attacked industry in 2020, up from eighth place in 2019, and received 17.7% of all attacks on the top 10 industries — more than double the 8.1% of attacks it experienced last year. Threat actors' renewed focus on manufacturing — the industry also ranked second in 2015 and third in 2017 — underscores its attractiveness as a target, especially for ransomware, BEC and remote access trojan attacks.
3. Energy
Roughly 35% of attacks on the energy industry were attempted data theft and leaks.
Having suffered 11.1% of attacks on the top 10 industries in 2020, energy ranked as the third most attacked industry, up from ninth place the year prior. Server access attacks on the energy sector hit organizations hard in 2020, and this industry came in fourth place after health care for the highest number of such attacks.
4. Retail
In retail, 36% of attacks were credential theft and 18% were ransomware.
The retail industry ranked as the fourth most attacked in 2020, down from second place last year, and received 10.2% of all attacks on the top 10 industries, down from 16% last year. As a hub of credit card payments and other financial transactions, retail has long been a target of choice for malicious threat actors.
5. Professional Services
We observed that 35% of attacks on professional services in 2020 were ransomware attacks — a higher percentage than any other industry suffered; 13% of attacks on professional services were data theft and another 13% were server access attacks.
Professional services ranked fifth on the top-10 list of the most attacked industries of 2020 and absorbed 8.7% of all attacks on the top-10 sectors — holding the same rank as in 2019 while dropping slightly from 10% in 2019. Professional services organizations are particularly attractive to attackers because of the avenue they provide to additional victims and the confidential data they often hold on people.
6. Government
More than one-third (33%) of attacks on government were ransomware — the second highest percentage out of all industries; 25% of attacks on government were attempted data theft and leaks.
The public sector — including defense, public administration and government-provided services — ranked as sixth most attacked in the 2020 ranking, receiving 7.9% of all attacks on the top-10 industries. This places the government sector in the same spot as its 2019 ranking, when it suffered 8% of attacks on the top-10 industries. From IBM X-Force incident response data, it appears that ransomware attacks plagued government organizations the most in 2020, followed closely by data theft.
7. Health Care
During an especially tense year for this sector, health care saw 28% of attacks start with ransomware infections; 17% of the incidents observed in the sector involved CVE-2019-19781, a dangerous vulnerability in the Citrix Application Delivery Controller.
In terms of its ranking in 2020, health care ranked seventh on the most-attacked industries chart, having absorbed 6.6% of all attacks on our top-10 list — up from 10th place and 3% of attacks in 2019. This is a considerable jump and reflects the onslaught that health care received as the COVID-19 pandemic unfolded, from ransomware attacks to threat actors targeting COVID-related research and treatments. All these threats continue to affect health care and health research organizations in 2021 and should be a call for even more vigilance as attackers remain relentless in their operations against the sector.
8. Media and Information Communications
A whopping 90% of malicious domain name system (DNS) squatting targeted the media, the most spoofed industry.
The media, telecommunications and information communications industry came in at eighth most attacked in 2020, targeted by 5.7% of all attacks on the top 10 industries — down from fourth place last year, when it received 10% of attacks. This sector includes telecommunications and mobile communications providers, as well as media and social media outlets that can play a critical role in political outcomes, especially during election years.
9. Transportation
The transportation sector experienced 5.1% of all attacks in 2020, down from 10% in 2019; 25% of attacks against transportation in 2020 involved a malicious insider or misconfiguration. Unlike manufacturing, transportation significantly dropped in its top-10 ranking, placing ninth, down from third place in 2019 and second place in 2018. It's possible that with travel bans across the globe, this sector was not as lucrative to attackers during the first year of the COVID-19 pandemic.
10. Education
Half (50%) of the attacks on education in 2020 were spam or adware; 10% of attacks were ransomware. The education sector ranked as the 10th most attacked in 2020, receiving 4% of all attacks on the top 10 industries. This moves education down from the seventh-most attacked position in 2019, when it received 8% of all attacks.
Although this sector saw a smaller portion of attacks overall, it is also a more vulnerable sector where security budgets are humble, but risks are prolific. Students and staff make for a large attack surface that is decentralized and harder to control, making schools and universities all the more susceptible to cyberattacks.
To learn more about your organization's sector, download the 2021 X-Force Threat Intelligence Index and stay up to date on IBM X-Force's security research blogs by visiting: www.securityintelligence.com/category/x-force.