Back in the day, cybersecurity used to be easier. The information assets of organizations were safely tucked away behind a firewall, keeping them secure within the four walls of a data center facility. Strong access controls would help prevent unauthorized access and organizations didn’t consider themselves to be much of a target of attackers.
Those times though are long gone. The growing use of smarter mobile phones, cloud computing technology, the Internet of Things (IoT) and the widespread availability of information in the cyberspace have not only caused information technology (IT) paradigms to shift, but also opened up new avenues of attack for cyber-criminals and hackers.
WannaCry and Petya ransomware are two of the most recent examples of cyber-attacks that affected scores of businesses, schools, hospitals and individuals around the globe. To overcome these rising cybersecurity threats, it’s now more important than ever that industries take robust measures to prevent data breaches.
Industries Most Affected By Cyber-Attacks
With organizations facing a constant barrage of attacks one after the other, it’s undeniable that no industry is safe from cyber-attacks. From healthcare and banking to retail and what not, every industry faces cybersecurity threats. Even if your industry isn’t “technical” in nature, it doesn’t necessarily mean that you are safe.
Cybersecurity threats are a stark reality and the sooner organizations realize this, the better. There’s no limit to what highly skilled attackers can do and the DDoS attack last year, which disrupted the internet itself, is a testament to that fact. Let’s take a closer look at the industries most affected by cyber-attacks and how they are fighting back:
1. Banking and Finance
The banking and finance industry is undoubtedly an ideal target for hackers. After all, organizations in this industry have all the valuable information attackers yearn for – from client identities and bank account numbers to home addresses and private financial information. According to a 2016 survey, banks experience 85 serious attempted breaches on average every year, with 36% of those attempts being successful in obtaining some sensitive information.
The industry is responding with various initiatives to regain control of the financial cyberspace, which includes promoting greater accountability and awareness, improving communication for easier collaboration with the government and ultimately recruiting and developing a better team of cyber-talent. However, emphasis should also be placed on the continual education of security professionals as cybersecurity threats continue to evolve at an alarming rate.
Healthcare is yet another information-intensive industry and a prime target for hackers. Hospitals have access to electronic healthcare records, containing large amounts of information, from names and addresses of patients to their physical condition and financial details. The recent WannaCry ransomware attack left devastating effects, bringing a halt to the operations of Britain’s National Health Service (NHS) and impacting patient care.
Healthcare organizations have been forced to implement sorely needed practices for security. According to HIMMS’ 2016 Cybersecurity Survey, many healthcare providers fail to adopt security basics like encryption, antivirus tools and firewalls. While investments in cybersecurity are expected to rise significantly, measures must be taken to replace vulnerable and outdated computer systems. This is essential not only to protect these services from attacks, but also to regain public confidence regarding projects that rely on access to medical records.
3. Online Retail
As retail organizations move their products and services online, they open themselves up to cyber-attacks. The industry is mainly vulnerable due to a traditionally high employee turnover and widely distributed attack surface, leading to more opportunities for hackers. Online retailers are among the first targeted industries when cyber-attacks occur, as they hold all the valuable customer data. In 2014, Home Depot, a home improvement retailing company, had to pay $19.5 million to US customers affected by a data breach.
Besides educating staff about cybersecurity threats and their preventative measures, online retailers should also increase investment in firewalls for their websites and applications as they stop hackers before they can breach the network and access sensitive customer information. Furthermore, HTTPS with properly configured SSL/TLS is a must to encrypt the connection with retailer websites and secure all customer transactions.
Educational institutions, universities in particular, are targeted by hackers for the valuable academic research they produce, as well as to use the network infrastructure to launch attacks against other targets. The College of Engineering was the target of two sophisticated cyber-attacks in 2015, compromising records of up to 18,000 people.
Since attackers mostly gain access to college networks through phishing emails or by placing malicious code into websites the faculty and students regularly visit, educational institutions can reduce the instances of cyber-attacks by increasing awareness about potential cyber-threats and enforcing stricter control over the software and hardware used. Moreover, they should prioritize which information is the most sensitive and spend their limited resources on protecting it.
What Are Cybersecurity Companies Doing to Curb the Rising Threat of Cyber-Attacks?
While the rise in cyber-attacks has been costing companies millions of dollars, a number of cybersecurity companies are taking the fight back to cyber-criminals. Here’s how they did/are doing it:
- Earlier this year, major security players like Trustonic, AT&T, Palo Alto Networks, IBM and Nokia formed the “IoT Cybersecurity Alliance” to help customers tackle their IoT cybersecurity challenges and issues.
- One of the world’s leading security companies, Avast’s zero-day protection defended over a million potential victims of the WannaCry ransomware, stopping at least 100,000 attacks per day.
- PureVPN, a VPN service, recently launched new advanced features like antivirus and IDS/IPS, adding that extra layer of security for businesses and individuals to protect themselves against cyberattacks.
With cyber-attacks on the rise, every industry is a target. However, by being proactive when it comes to cybersecurity and employing advanced security strategies and tools, along with spreading awareness about the epidemic, organizations can indeed boost their security against various threats and prevent costly data breaches.
If there’s anything you would like to add, please share your thoughts in the comments section below!
Note: This blog article was written by a guest contributor for the purpose of offering a wider variety of content for our readers. The opinions expressed in this guest author article are solely those of the contributor and do not necessarily reflect those of GlobalSign.