Senior Consultant, The BlumShapiro Cybersecurity Team
While every industry, business, entity and organization is susceptible to cyber-attacks, 2015 has shown a shift in the industries experiencing the highest incident rates. IBM has recently released the 2016 version of its annual IBM X-Force Cyber Security Intelligence Index – a report that provides readers with an overview and detailed look at the types and volume of attacks out there, the industries that are most affected and the key factors enabling hackers to attack. The data in this report is collected from thousands of devices monitored in over 100 countries. Below are the 5 most “cyber-attacked” industries, based on 2015 data:
Healthcare – 2015 was the year in which the healthcare industry became the most frequently attacked industry, surpassing financial services and manufacturing. During the first half of 2015, five of the eight largest healthcare security breaches since 2010 (those with more than a million records compromised) occurred. IBM reports that in 2015 alone, over 100 million healthcare records were reportedly compromised. The reason? Hackers can get a lot of cash for electronic medical records on the black market. Compromised data includes credit card information, email addresses, social security numbers, employment information and medical history records. Cybercriminals can use this information to establish false medical identities, commit fraud and launch additional email and phishing attacks on a healthcare organization.
Manufacturing – Coming in second place is the manufacturing industry, which includes automotive, electronic, textile and pharmaceutical companies. The IBM report notes that automotive manufacturers were the top targeted industry within manufacturing—accounting for nearly 30% of all cyber-attacks against manufacturing organizations in 2015. New attacks to keep an eye out for? Wireless carjacking. Research has proven that “connected” cars are now susceptible to being hacked wirelessly, including the remote control of a car’s steering, engine and even brakes.
Financial Services – The financial services industry has been working to strengthen cybersecurity over recent years. These efforts have proven effective as the former 2014 “first place” industry now moves to third. IBM emphasizes that many banking conveniences for customers—ATMs, credit cards, mobile banking apps—continue to make the financial system highly vulnerable to cyber-attacks. Malicious attachments, links and Trojan attacks continue to threaten security for banking institutions.
Government – 2015 saw the exposure of millions of U.S. employee records including social security numbers, birthplace and digitized employee fingerprints. These government attacks go beyond the United States. Over 50 million Turkish citizens were at risk of identity theft when their government’s database was leaked, and over a million Japanese citizens were exposed due to the opening of a malicious email attachment by the pension service.
- Transportation – Coming in fifth was the transportation industry, including airlines, bus, subway, commuter rail lines, overland freight lines and overseas container ships that transport goods worldwide. IBM notes that some hackers are attracted to this industry because a successful attack can result in mass chaos scenarios, while some hackers target transportation purely for the financial gain.
Moving out of the Top 5 list altogether for 2015?
The Information and Communication Industry, Retail/Wholesale Industry, and Energy and Utilities Industry. That’s not to say they won’t be back. It’s important that every industry and organization seriously consider the risks out there and “do their homework” in finding solutions to help mitigate the risk of attack. Any industry could be next on the 2016 Top 5; it’s safe to say today’s cyber-criminals are not leaving any organization untouched.