The link below is to another research study, based on research from OGL Computer (and shared by the team at the East Midlands Cyber Resilience Centre). It highlights the five sectors that they have observed as being most impacted by attacks during 2020. It is worth a quick read to verify the trends that they have observed, with the following sectors being the most impacted:

  • Healthcare - especially public sector healthcare organisations, but increasingly the supply chain is being used as the main vector of attack. Generally, supply chains are less well integrated and protected than internal systems, and given the nature of how supply chains transfer data, there are greater opportunities for attackers. In addition, many SMEs interact with healthcare organisations, and their cyber security is frequently not as strong as within larger healthcare units.
  • IT & Telecoms - Given the amount of data stored in the cloud and transferred, this sector is an unsurprising target. Two main vectors are to attack subscribers or the network operations themselves.
  • Legal - another sector that has large volumes of important, sensitive and financial data, especially in corporate and property practices. We have also come across several cases where "CEO Fraud" style attacks are mounted. This type of fraud can be tackled through increased awareness and some straightforward processes being implemented in addition to normal information security defences.
  • Manufacturing - OGL observes that the value of data and process-related know-how in this sector (e.g. automotive, engineering and chemical industries), combined with the specialist software used, makes these firms highly attractive to attackers. Another observation I would add is that many manufacturing plants operate without the routine patching, systems upgrades and typical good housekeeping that are more of an accepted part of life within administrative settings. An informal poll of an (admittedly very small) sample of manufacturing businesses in the Midlands showed that many run key control processes using out-of-date operating systems (e.g. Windows 7). There are clearly some simple actions that can be taken to assist this sector to protect themselves.
  • Finance - Perhaps one of the most obvious target areas given the nature of the "product" and the access to direct financial gain. However, direct and indirect attack vectors are used for a wider range of purposes within this sector, and the trends affect banks, brokers and insurance companies as well as merchants.

Our own review of a sample of data breaches involving cardholder data environments (CDEs) within e-commerce merchants indicated a number of trends over the last year. Key highlights include:

  • In 94% of cases the attack on the CDE came as a result of a breach of the merchant's e-Commerce environment.
  • Magento remains the most popular e-Commerce platform within the community of breached merchants, with a 50:50 split between Magento 1 and Magento 2 installations.
  • Client-side attacks using JavaScript (e.g. MageCart) were still popular throughout 2020, but there was a growing trend for fake payment pages to be used.

We published a fuller blog on our findings, "Compromise Stats of 2020", Duncan Slater

The message is clear: threats are evolving and generally (and unsurprisingly) target organisational information and data which is sensitive, confidential and has tradeable market value.

The key is to remain vigilant and take appropriate action to tackle the most obvious areas of weakness in your cyber defences as part of a progressive review and hardening of how you manage your cyber risk. Do feel free to get in touch for a confidential and no-obligation discussion if you have questions.