Governments become joint most attacked sector for first time, as proportion of cyber attacks doubles
Cyber attack - Image credit: Dennis Skley
Fourteen per cent of cyber attacks were on governments last year, making it the joint most attacked sector for the first time along with the financial sector.
The proportion of cyber attacks on governments across the world doubled from seven per cent in 2015 to 14 per cent in 2016, according to research by Dimension Data.
The analysis looks at data collected by NTT Group companies, which this year comprised 3.5 trillion security logs, 6.2 billion attempted attacks, as well as global honeypots – lures built to attract attackers – and sandbox testing environments, in more than 100 countries.
The joint most attacked sectors, each receiving 14 per cent of all attacks, were the finance sector, which has been in the top spot before, and, for the first time, governments.
The report said that it was “no surprise” that there was a continued focus on financial services, as “it’s well known that cybercriminals follow the money”, and that their databases of sensitive customer data made them an obvious target.
Similarly, it said that the sensitive information held by governments made it a target.
“Governments all over the world are constantly under the threat of sophisticated attacks launched by rival nation-states, terrorist groups, hacktivists, and cyber criminals,” said Matthew Gyde, Dimension Data’s group executive for security.
“That’s because government agencies hold vast amounts of sensitive information – from personnel records, budgetary data, and sensitive communications, to intelligence findings.
“What’s interesting is that this year we saw numerous incidents involving insider threats.”
The report added that geopolitical events in 2016, such as the US presidential campaign and economic sanctions against Russia, could have contributed to the increase in attacks on governments.
The government and financial sectors were joined in the top three most-attacked sectors by manufacturing on 13 per cent.
This was followed by retail (11 per cent) and then the education and business and professional services sectors (10 per cent each).
The most common types of attacks globally were suspicious activity, such as privileged access attempts and exploitation software, which made up 30 per cent of the attacks.
This was followed by web applications attacks (16 per cent) and then service specific attacks (8 per cent).
In the EMEA region, phishing was a “significant issue”, the report said, with source IP addresses in the EMEA accounting for 53 per cent of the world’s phishing attacks.
The Netherlands was the most prolific, with 38 per cent of the total attacks coming from the country.
Meanwhile, the report said that internet of things devices “must be considered as both a potential source and target of attack”.
It found that 66 per cent of the IoT attacks detected in 2016 were attempting to discover specific devices, such as a particular model of video camera, while three per cent were seeking a web server or other type of server.
A UK government survey of cyber attacks in the country, which was carried out by researchers at Ipsos MORI and the University of Portsmouth and published last month, found that 51 per cent of companies holding personal data had experienced a cyber attack last year.
The most common breaches in that study were fraudulent emails – for instance encouraging staff to open dangerous attachments – followed by viruses, malware and ransomware.
Holyrood Newsletters
Holyrood provides comprehensive coverage of Scottish politics, offering award-winning reporting and analysis: Subscribe