Financial services industry is the biggest cyber target, says report
NTT Security has just released its 2019 Global Threat Intelligence Report (GTIR), and the biggest takeaway reveals that finance was the most attacked sector for six of the past seven years, accounting for 17% of all attacks. It’s tied with the technology sector, which joined finance this year with 17% of the attacks. Education and government are both new entries in the list of global top five industries – rising from 4% to 11% and 5% to 9% respectively – with coin mining campaigns largely to blame for the increased attacks in educational environments.
The company, which specializes in helping companies avoid attacks, summarizes data from trillions of logs and billions of attacks for the 2019 report, which analyzes threat trends based on log, event, attack, incident and vulnerability data from NTT Group operating companies.
The report also reveals how coin mining, or the practice of tracking transactions, is leading the evolution of malware and how cyber attackers are increasingly adapting their attack patterns and intrusion sets to include coin mining in their toolkits. Illicit coin mining accounted for a significant amount of activity during the past year, with the technology and education sectors making up over 86% of all coin mining detections.
In the report, credential theft and web-application attacks were found to be among the most prevalent activities during the past year. The most common technical attack used to commit credential theft was phishing (67%) with attackers targeting credentials for Microsoft (45%), Google (27%), PayPal (15%) and DocuSign (10%) in an attempt to gather usernames and passwords.
John South of NTT’s threat intelligence communications team, says: “Many financial organizations are moving forward with digital transformation but without prioritizing security as a core business requirement. While legacy methods and tools are still effective at providing a solid foundation for mitigation, new attack methods are continually being developed by malicious actors. Security leaders should ensure basic controls remain a primary focus but they must also embrace innovative solutions if they provide a good fit and true value.”