The number of cyberattacks on the government sector globally doubled to 14% in 2016 as per the latest edition of Executive’s Guide to the NTT Security 2017 Global Threat Intelligence Report.
The report is based on data collected by NTT Security and other group companies including Dimension Data from 3.5 trillion security logs, 6.2bn attempted attacks across a network of 10,000 clients in five continents.
Attacks on the finance sector also rose dramatically from just 3% in 2015 to 14% of all attacks in 2016, followed by manufacturing at 13% and retail at 11%.
63% of all cyberattacks originated from IP addresses in the US, followed by the UK (4%), and China 3%. India with 1% was 12th in the list of nations.
The US is the predominant location of cloud-hosted infrastructure globally. Threat actors often utilise public cloud to orchestrate attacks due to the low cost and stability of this infrastructure.
Matthew Gyde, Dimension Data’s Group Executive – Security said, “Governments all over the world are constantly under the threat of sophisticated attacks launched by rival nation-states, terrorist groups, hacktivists, and cyber criminals. That’s because government agencies hold vast amounts of sensitive information – from personnel records, budgetary data, and sensitive communications, to intelligence findings. What’s interesting is that this year we saw numerous incidents involving insider threats.”
Some of the geo-political events that could have contributed to the government sector being a target include the US presidential election, a new US administration with a more aggressive stance toward China and North Korea, China adopting a more aggressive policy stance in securing its vital ‘core interests’ and Russian state-sponsored actors continuing cyber operations against Western targets, among others.
Commenting on the financial services industry, Kiran Bhagwanani, CEO – Dimension Data India, said, “The ongoing attacks in the financial services industry are no surprise. These organisations have large amounts of digital assets and sensitive customer data. Gaining access to them enables cybercriminals to monetise personally identifiable information and credit card data in the underground economy.
The report said that that IoT and operating technology devices must be considered as both a potential source and target of attack.
Of the IoT attacks detected in 2016, some 66% were attempting to discover specific devices such as a particular model of video camera, 3% were seeking a web server or other type of server, while 2% were attempting to attack a database.
Suspicious activities with 30% share remained the most prevalent type of attack in 2016 followed by web application attack (16%), Server Specific attack (8%) and Malware (7%), Brute forcing (7%) and application specific attack (7%). Phishing attacks were responsible for 73% of malware being delivered to an organization.
The report observed an 11% year-on-year improvement in the number of organisations actively maturing their incident response preparedness. Globally, 32% of organisations had a formal incident response plan in 2016. This is up from an average of 23% in previous years.
Source: ET tech