Industrial sector attacks jump 91 percent
A new report from cybersecurity specialist Positive Technologies reveals a reveals a 91 percent jump in attacks on industrial companies and a 54 percent rise in malware-related attacks last year compared to 2019.
The total number of incidents grew by 51 percent compared to 2019. Seven out of 10 attacks were targeted and the most popular targets were government institutions (19 percent), industrial companies (12 percent) and medical institutions (nine percent).
In most cases, industrial companies have been attacked by ransomware variants but there have also been attacks by many APT groups. Malware is becoming more favored by attackers -- the past year seeing an increase of 54 percent over 2019. Malware developers have also devised elaborate methods for concealing their actions and refined their delivery techniques, turning their attention to vulnerabilities on the network perimeter.
Attacks against individuals mainly built on spyware and banking trojans, while organizations were increasingly attacked by ransomware. Ransomware was used in 45 percent of all malware-related attacks against organizations. Medical institutions ranked first in the number of ransomware attacks (17 percent), followed by government institutions (16 percent) and industrial companies (15 percent). In 2020, the strategy of demanding a double ransom for decrypting data and keeping stolen information private also became an identifiable trend.
"The actuation of risks in the industrial sector can have global consequences -- witness the cyberattack on water infrastructure in Israel or the attack in India that led to a power outage," Dmitry Darensky, head of industrial cybersecurity practice at Positive Technologies, says. "Predicting the feasibility of the most dangerous risks and estimating their consequences for critical infrastructures is difficult, as even the most experienced specialists cannot guarantee that all protection mechanisms will work faultlessly."
The full report is available from the Positive Technologies site.