sb-eu logo
Story image

Report: Tech industry most attacked sector

Despite efforts by organisations to layer up their cyber defences, attackers are continuing to innovate faster than ever before and automate their attacks, according to a new report from technology services provider NTT. 

Referencing the current COVID-19 pandemic, the report highlights the challenges that businesses face as cyber criminals look to gain from the global crisis and the importance of secure-by-design and cyber-resilience.

The attack data indicates that over half (55%) of all attacks in 2019 were a combination of web-application and application-specific attacks, up from 32% the year before, while 20% of attacks targeted CMS suites and more than 28% targeted technologies that support websites. 

For organisations that are relying more on their web presence during COVID-19, such as customer portals, retail sites, and supported web applications, they risk exposing themselves through systems and applications that cyber criminals are already targeting heavily.

"The current global crisis has shown us that cyber criminals will always take advantage of any situation and organisations must be ready for anything," says Matthew Gyde, president and CEO of the security division at NTT.

"We are already seeing an increased number of ransomware attacks on healthcare organisations and we expect this to get worse before it gets better," he explains. 

"Now more than ever, its critical to pay attention to the security that enables your business; making sure you are cyber-resilient and maximising the effectiveness of secure-by-design initiatives."

While attack volumes increased across all industries in the past year, the report found technology and government sectors were the most attacked globally. 

Technology became the most attacked industry for the first time, accounting for 25% of all attacks (up from 17%). Over half of attacks aimed at this sector were application-specific (31%) and DoS/DDoS (25%) attacks, as well as an increase in weaponisation of IoT attacks. 

Government was in second position, driven largely by geo-political activity accounting for 16% of threat activity, and finance was third with 15% of all activity. Business and professional services (12%) and education (9%) completed the top five.

Mark Thomas who leads NTT's global threat intelligence centre, says, "the technology sector experienced a 70% increase in overall attack volume. 
"Weaponisation of IoT attacks also contributed to this rise and, while no single botnet dominated activity, we saw significant volumes of both Mirai and IoTroop activity," he says. 

"Attacks on government organisations nearly doubled, including big jumps in both reconnaissance activity and application-specific attacks, driven by threat actors taking advantage of the increase in online local and regional services delivered to citizens."


2020 GTIR key highlights:

  • Websites posing as official source of COVID-19 information, but host exploit kits and/or malware created at an incredible rate, sometimes exceeding 2000 new sites per day.
  • Most common attack types accounted for 88% of all attacks: Application-specific (33%), web application (22%), reconnaissance (14%), DoS/DDoS (14%) and network manipulation (5%) attacks.
  • Attackers are innovating: By leveraging artificial intelligence and machine learning and investing in automation. Some 21% of malware detected was in the form of a vulnerability scanner, which supports the premise that automation is a key focus point of attackers.
  • Weaponisation of IoT: Botnets such as Mirai, IoTroop and Echobot have advanced in automation, improving propagation capabilities. Mirai and IoTroop are also known for spreading through IoT attacks, then propagating through scanning and subsequent infection from identified hosts.
  • Old vulnerabilities remain an active target: Attackers leveraged those that are several years old, but have not been patched by organisations, such as HeartBleed, which helped make OpenSSL the second most targeted software with 19% of attacks globally. A total of 258 new vulnerabilities were identified in Apache frameworks and software over the past two years, making Apache the third most targeted in 2019, accounting for over 15% of all attacks observed.
  • Attacks on Content Management Systems (CMS) accounted for about 20% of all attacks: Targeting popular CMS platforms like WordPress, Joomla!, Drupal, and noneCMS, cyber criminals used them as a route into businesses to steal valuable data and launch additional attacks. Additionally, more than 28% targeted technologies (like ColdFusion and Apache Struts) support websites.
Story image
HCL takes over Broadcom’s Symantec security consulting
As part of the partnership, the majority of Broadcom's Symantec enterprise consulting team will transition to HCL.More
Story image
76% of execs losing sleep over being the next high-profile breach
Headline-grabbing security breaches of high-profile enterprises are becoming more common, fuelling the anxieties of business leaders who hope they're not next. More
Story image
FireEye unveils Cloudvisory: A multicloud security control centre
FireEye has announced the availability of FireEye Cloudvisory - a control centre for cloud security management across any private, public or hybrid security environment.More
Story image
Thycotic acquires Onion ID, launches new access management products
Thycotic has acquired Onion ID, a privileged access management (PAM) solutions provider, and has added new products to its PAM portfolio to protect enterprise cloud apps and better enable remote workers.More
Story image
Endace and Palo Alto Networks launch integration to empower security teams
“The combination of Cortex XSOAR’s powerful orchestration and automation capabilities with the rich network history recorded by the EndaceProbe Analytics Platform gives security operations access to the conclusive forensic evidence they need to respond quickly and accurately to threats.” More
Story image
Cybercriminals seeking greater anonymity online, Trend Micro states
Cybercriminals have switched to ecommerce platforms and communication using Discord for greater anonymity, according to new research from Trend Micro. More