With cyberattacks and data breaching becoming more and more common, part of being able to defend your business against cybercrime is to understand how at-risk your industry is. In fact, it is predicted that cybercrime damages can cost the world up to $6 trillion in 2021. While all industries are at risk to cybercrime, some sectors are a greater target than others, and should be taking extra precautions to guard themselves against such attacks.
Let’s look at the top five industries that are frequent targets for such problems.
Financial services have been the number one target for cyber attacks for two years in a row, with 27% of security incidents and 17% of attacks in 2017 being on financial service institutions. With the amount of sensitive information held by such organizations, it is absolutely imperative to take precautionary measures against attacks. Individual attackers target at a consumer level through phishing schemes while organized gangs come for larger amounts of data through unpatched vulnerabilities. Financial service providers should take care to maximize their security and ramp up their firewalls to deter attackers, or at least lessen the impact in case of an attack does occur.
Information and Communications Technology
With dependence on technology in the digital world leading to information and communications technology to become interconnected, large amounts of sensitive data are held by this industry. This exposes the industry to more threats, since it becomes difficult to control who has access to the networks. Administrators should make sure to set policies to establish who can connect to their systems and make sure to drop connections immediately before an unauthorized person can connect, to keep them from accessing any information.
Almost 30% of network attacks in this industry include ransomware, and these types of attacks may have long-term damage if they are successful, but they are also easier to avoid. With better security and control, keeping ransomware from entering the system is easy, but companies should make sure to regularly audit, update and patch their servers, as well as place restrictions on who can access servers and sensitive data.
Retail industry attacks usually include POS (point-of-sale) malware, which makes it hard to protect since these POS systems are located in multiple locations across the country instead of one location. Whitelisting technology can be used to provide protection. This allows only pre-approved applications to run on the system and any unidentified ones will be blocked. Chip readers should also be implemented to keep the magnetic stripes of cards from being replicated, and hence protecting consumers’ financial data.
More than 62% of attacks on professional services include injection attacks, where code is injected into a program or computer that allows hackers to use remote commands and read or even edit the entire database. To prevent injection attacks, stored procedures or pre-designed SQL functions should be used. With these, input parameters are read as literal values instead of as executable code, which keeps attackers from using trick queries.