21 May 2021
Story image

Healthcare, manufacturing and finance sectors accounted for 62% of all cyber-attacks in 2020

NTT has released a bombshell report detailing the extent to which global ‘destabilisation’ has handed cyber-attackers opportunities to target essential industries — especially via vulnerabilities stemming from the shift to remote working.

Such industries, including healthcare, manufacturing, and finance, all saw an increase in attacks (200%, 300%, and 53% respectively), with these top three sectors accounting for a combined total of 62% of all attacks in 2020 — up 11% from 2019. 

Meanwhile, application-specific and web-application attacks rose dramatically as organisations clambered to provide remote access through the use of client portals. These attacks comprised two-thirds of all attacks, NTT says — with this figure more than doubling in the past two years.

The healthcare industry was the hardest hit, with 97% of all hostile activity targeted at the industry being web application or application-specific attacks.

“Last year we predicted a surge in targeted, opportunistic attacks and unfortunately, this has proven all-too-true,” says NTT Security division CEO Kazu Yozawa.

“While these industries have done their best to maintain essential services throughout disruptive times, the fall in security standards when companies need them most is alarming. 

“As services continue to move online and become increasingly digital to account for the new normal, organisations must be extra vigilant in upholding and maintaining best practices in their security.”

NTT’s report established a maturity score measuring certain industries’ security programmes, with a higher number indicating a more mature plan of action. Healthcare and manufacturing have relatively low maturity scores of only 1.02 and 1.21, respectively — decreasing from 2019’s scores of 1.12 and 1.32.

The manufacturing industry has had a rougher time of it recently, experiencing a three-year decline in scores — most likely due to changes in the operating environment and the evolution of attacks, according to NTT. 

The rise of crypto-malware

Cryptominers have replaced spyware as the most common malware globally, according to the NTT report, but the use of certain variants of malware, like worms and trojans, against specific industries continues to evolve. 

Whereas worms appeared more frequently in the finance and manufacturing sectors, remote access trojans were more common in the healthcare industry, while the technology industry was targeted by ransomware. Cryptominers targeted the education sector due to the popularisation of mining among students who exploit unprotected infrastructures.

The crypto-currency market is a prime example, with cryptominers accounting for a staggering 41% of all detected malware in 2020. XMRig coinminer was the most common variant, representing nearly 82% of all coinminer activity and nearly 99% in EMEA specifically. 

“On one hand you have threat actors taking advantage of a global disaster, and on the other, cybercriminals capitalising on unprecedented market booms,” says NTT global threat intelligence centre lead Mark Thomas.

“The common thread throughout both of these situations is unpredictability and risk. Changes in operating models or adoption of new technologies present opportunities for malicious actors, and with a surging cryptocurrency market popular among inexperienced students, attacks were bound to happen. 

“Now, as we enter a more stable phase of the pandemic, organisations and individuals alike must prioritise cybersecurity hygiene across all industries, including the supply chain.”

Recent stories
More stories