What Industries are Most Vulnerable to Cyber Attacks?

While pretty much any business or individual can become a victim of cyber attacks, some industries happen to be cybercriminals’ favorites. The alarming statistics about financial losses caused by data breaches show that many companies have no strategy on how to deal with these threats and still aren’t doing anything despite these very loud wake-up calls.

What industries are most vulnerable to cyber attacks

In the first half of 2019, 4.1 billion of data records were exposed, according to the HelpNet Security, while the average loss caused by a data breach is estimated at $3.86 million for businesses. The vast majority of these cyber attacks occur through phishing emails, with the help of well-crafted social engineering techniques. All it takes to gain access to a company’s sensitive data is to lure its employee to open the malicious email and click a link or a file attachment in it. If this employee works in a particularly vulnerable unit and has access to sensitive data, this could seriously threaten the organization’s whole existence.

While phishing is not something new and some businesses are fully aware of the risks, somehow the employees still fall for it. One out of three employees click the malicious attachments or links after opening the phishing email, and one out of every eight employees share the information demanded by the attackers. This shows how weak cybersecurity culture actually is in most of the businesses.

Even after so many documented cyber incidents, some businesses still lag behind in their preparation. Small businesses are way less prepared than big ones. According to the Ponemon Institute report, more than 67% of companies with fewer than 1,000 employees have experienced a cyberattack, and 60% of them could potentially go out of business due to damages associated with cyberattacks.

The most vulnerable sectors to cybercrime

As we can see, cybercriminals don’t discriminate by size. But which sectors are most likely to attract them? Various reports show that some of the sectors most vulnerable to cyber attacks in 2020 are:

Healthcare

Finance & Banking

Crypto & Blockchain

Education

Gaming

Gambling

Business & IT

Public Sector

Healthcare

COVID-19 crisis has shown an alarming rate of cybercrime attacks so far. As Interpol finds 59% of the attacks are related to phishing. In another report by HealthSecurity, it is said that healthcare is hit by 49% increase in hacking, reaching a stunning number of 41.4 million patient records breached.

Finance & Banking

Few days ago, Fortunely reported that 71% of all data breaches are financially motivated which has lead to 164.6 million successful data breaches. Probably the most talked about incident was the one of Travelex which ended in the company paying $2.3M Bitcoin ransom to hackers.

Crypto & Blockchain

There are numerous cases of cybercrime attacks that aimed at crypto companies and one of the latest ones is definitely the case of the crypto-wallet firm Ledger which revealed a security data breach that resulted in the compromise of 1 million email addresses and thousands of personal data.

Education

The latest post by EdScoop focuses on cybercrime attacks aimed at Educational Institutions and reports about the rising frequency and financial impact of attacks. This year has seen many attacks in this industry, but one that surely grabbed everyone’s attention was the case of The University of California at San Francisco (UCSF) which ended in paying a ransom of $1.14 million to recover locked files.

Gaming

The increased popularity in gaming has been exploited largely by cybercriminals in 2020. Even some of the most popular games were hit by cyber attacks such as  Minecraft, Counter Strike or Fortnite. Not only specific games were interesting to hackers, but also the companies and providers. No gamer was happy to hear the reports about millions of cases of data breaches within huge gaming corporations, and some of them include Activision, Razer, and Nintendo.

Gambling (iGaming)

It is estimated that the gambling industry will reach a value of $100 billion in a few years, and it’s no wonder cyber criminals are up for it. The latest know incident within this industry was the one of Clubillion, a popular gambling app, where millions of users were exposed in massive data leak.

In April this year, the gambling provider SBTech was targeted by cybercriminals. As reported, the provider had to place $30 million in escrow as insurance for covering the fallout from a cybersecurity incident that took place last month. In March, the gambling operator BetUS was data hacked, and in January the online gambling platform SuperCasino had a data breach.

Business & IT

Unfortunately, all business sectors are vulnerable to cyber attacks without exception. According to Riskbasedsecurity, the first quarter of 2020 has been one of the worst in data breach history, with over 8 billion records exposed. Many of these records were from business and IT sector. Probably the most known cases are those of Twitter (criminals reached at least 350 million users with the help of Twitter’s internal systems), Marriott (approximately 5.2 million guests involved), and Zoom (500,000 stolen passwords).

Public Sector

According to the latest Data Breach Investigation Report by Verizon, 16% data breaches were in the public sector (excluding healthcare). The researchers from Atlas VPN showed in a study that there were 17 million leaked government records during the Q1 of 2020. A list of the latest known incidents covers various sectors from all over the world (Governments, Saving Scheme Providers, Water Suppliers, Prison Services, Tax Authorities, Electricity providers and more).

Steps to protect your business from cybercrime

Most employees have at least basic knowledge about what a malicious email is and how the cybercriminal tactics look like. Still, the data shows that a great percentage of them are completely unaware of how vulnerable their data is. The most common examples people think when they hear the term “phishing email”, such as well-known medical scams or long lost relatives leaving a huge inheritance, are now replaced by more innovative social engineering tactics and highly personalized emails, where it’s almost impossible for employees to detect a scam.

Here are some useful steps you can do to ensure your business is as protected from cyber attacks as possible:

  1. Employee training is an important step in controlling the cyberattack risks. They (especially the ones working in vulnerable departments) should be more careful about what they download and where they share the data
  2. Investing in a good anti-phishing protection
  3. Implementing multi-factor identification (MFA) are other key elements in the battle against hackers
  4. If you are still into using passwords then make sure you’ve pumped them up. If not, alternatively you can choose to go with some more sophisticated solutions such as Passwordless Authentication
  5. Firewall and anti-virus software are a must nowadays. Make sure you have them updated and managed properly
  6. Have a team of cybersecurity experts you can consult with about the latest threats and measures

It is predicted that the cybercrime will cost the world around $6 trillion annually by 2021. Two thirds of small and mid-size businesses are oblivious of the cybercrime dangers, or believe their own business will not be attacked! Let’s make sure we all do our best to prevent this from happening.

SERVICES

Passwordless MFA