The top cybersecurity threats facing digital businesses are phishing, social engineering, and ransomware; business email compromise; IoT and distributed-denial-of-service (DDoS) attacks; and attacks targeting end-users.
New research reveals that cyber-attacks on the government sector doubled in 2016, hiking to 14% from 7% of all cybersecurity attacks in 2015. Attacks on the finance sector also rose dramatically from just 3% in 2015 to 14% of all attacks in 2016. The manufacturing sector came in at third place at 13%, while the retail sector, which topped the list of all cybersecurity attacks on all sectors in 2015, moved down into fourth place (11%).
According to the Executive Guide to the NTT Security 2017 Global Threat Intelligence Report which was compiled from data collected by NTT Security and other NTT operating companies including Dimension Data, from the networks of 10,000 clients across five continents, 3.5 trillion security logs, 6.2 billion attempted attacks, and global honeypots and sandboxes located in over 100 different countries.The report pinpoints a number of global geopolitical events which could have contributed to the government sector being a cybersecurity attack target. Highlights of the report are:
In Box: 63% of all cyber-attacks originated from IP addresses in the US, followed by the UK (4%), and China 3%. India with 1% was twelfth in the list of nations. The US is the predominant location of cloud-hosted infrastructure globally. Threat actors often utilize public cloud to orchestrate attacks due to the low cost and stability of this infrastructure.
• The Internet of Things (IoT) and operating technology (OT) devices must be considered as both a potential source and target of attack. Of the IoT attacks detected in 2016, some 66% were attempting to discover specific devices such as a particular model of video camera, 3% were seeking a web server or other type of server, while 2% were attempting to attack a database.
• Suspicious activities with 30% share remained the most prevalent type of attack in 2016, followed by web application attack (16%), Server Specific attack (8%) and Malware (7%), Brute forcing (7%) and application specific attack (7%).
• Phishing attacks were responsible for a high 73% of malware being delivered to an organization.
• Top regions attacking Asia were the US, Vietnam and Republic of Korea. Most commonly targeted business sectors for attacks in Asia were finance (46%), manufacturing (32%), and education (9%).
• Of these, two industries were targeted in 78% of all attacks – finance (46%) and manufacturing (32%).
Matthew Gyde, Dimension Data’s Group Executive – Security, said, “Governments all over the world are constantly under the threat of sophisticated attacks launched by rival nation-states, terrorist groups, hacktivists, and cybercriminals. That is because government agencies hold vast amounts of sensitive information – from personnel records, budgetary data, and sensitive communications, to intelligence findings. What is interesting is that this year we saw numerous incidents involving insider threats.
Group Executive, Security,