Healthcare the Top-Targeted Vertical for Cybercrime
Cyber-attack rates are up by more than 200%, but not all targets are equally affected. When it comes to which verticals are most in the crosshairs of cyber-criminals, healthcare feels the brunt, on average.
According to the Vectra Networks Post-Intrusion Report covering Q1 trends, healthcare had 164 threats detected per 1,000 host devices, on average. The segment is closely followed by education and media, which had 145 and 123 detections per 1,000 host devices, respectively. By comparison, the food and beverage industry came in as the least-targeted industry, with just 17 detections per 1,000 hosts.
Meanwhile, attack rates are increasing across the board: The average number of reconnaissance, lateral movement and exfiltration detections have all increased by more than 265%.
Drilling into the numbers, the report shows that attackers want what the media has: Media organizations experienced the highest rates of exfiltration in Q1, with 34 detections per 1,000 host devices. The industry’s high rates of exfiltration attempts can likely be attributed to its decentralized supply chain made up of small businesses with limited IT staff, the report noted.
Entertainment meanwhile experiences the most diverse attacks: The entertainment industry experienced above-average rates of the five attack behaviors measured. Only the food and beverage industry experienced below-average detections for all activity measured.
Reconnaissance detections meanwhile were up by 333% when compared to 2016. Internal reconnaissance is a necessary first step for ransomware campaigns. The report said that the sharp increase in reconnaissance detections may be an early indicator of the recent rise of attacks, such as WannaCry.
And finally, the finance and technology sectors have proved to be the most resilient. These industries have below-average detection rates, with 37 and 38 detections per 1,000 hosts, respectively. Vectra said this indicates the presence of stronger policies, mature response capabilities and better control of the attack surface.
Source: Information Security Magazine