Cyberattacks: Retail and healthcare sectors among most targeted

Organisations in the business and professional services, retail and hospitality, financial, healthcare and high technology were the top targets of cybercriminals in 2020, said a new report on Tuesday.

According to the “FireEye Mandiant M-Trends 2021” report, organisations in the retail and hospitality industry were targeted more heavily in 2020 — coming in as the second most targeted industry compared to 11th in last year’s report.

Healthcare also rose significantly, becoming the third most targeted industry in 2020, compared to eighth in last year’s report.

This increased focus by threat actors can most likely be explained by the vital role the healthcare sector played during the global pandemic.

While last year’s report noted a drop in internal detections of intrusions compared to the previous year, Mandiant experts observed a return of organisations independently detecting most of their own incidents.

Internal incident detection rose to 59 per cent in 2020 — a 12-point increase compared to 2019.

This return to organisations detecting the majority of intrusions within their environments is in line with the overall trend observed over the last five years, said the report.

“Multifaceted extortion and ransomware are the most prevalent threats to organisations. In this year’s report, direct financial gain was the likely motive for at least 36 per cent of the intrusions we investigated,” said Charles Carmakal, Senior Vice President and Chief Technology Officer, Mandiant, a part of cybersecurity company FireEye.

“Data theft and reselling of unauthorised access to victim organisations remain high as multifaceted extortion and ransomware actors have trended away from purely opportunistic campaigns in favour of targeting organisations that are more likely to pay large extortion demands. Given this surge, organisations must take proactive action to mitigate the potential impact.”

Over the past decade, there has been a trending reduction in global median dwell time – defined as the duration between the start of a cyber intrusion and when it is identified, according to Mandiant.

This measure went from over one year in 2011 to just 24 days in 2020 – that is more than twice as quickly identified in comparison to last year’s report with a median dwell time of 56 days.

Mandiant attributes this reduction to continued development and improvement of organisational detection and response capabilities, along with the surge of multifaceted extortion and ransomware intrusions.

“This year’s M-Trends report identified the three most frequently used initial vectors of compromise as exploits (29 per cent), phishing emails (23 per cent) and stolen credentials or brute force (19 per cent),” said Jurgen Kutscher, Executive Vice President, Service Delivery, Mandiant.

–IANS

gb/bg

(Only the headline and picture of this report may have been reworked by the Business Standard staff; the rest of the content is auto-generated from a syndicated feed.)

Dear Reader,

Business Standard has always strived hard to provide up-to-date information and commentary on developments that are of interest to you and have wider political and economic implications for the country and the world. Your encouragement and constant feedback on how to improve our offering have only made our resolve and commitment to these ideals stronger. Even during these difficult times arising out of Covid-19, we continue to remain committed to keeping you informed and updated with credible news, authoritative views and incisive commentary on topical issues of relevance.

We, however, have a request.

As we battle the economic impact of the pandemic, we need your support even more, so that we can continue to offer you more quality content. Our subscription model has seen an encouraging response from many of you, who have subscribed to our online content. More subscription to our online content can only help us achieve the goals of offering you even better and more relevant content. We believe in free, fair and credible journalism. Your support through more subscriptions can help us practise the journalism to which we are committed.

Support quality journalism and subscribe to Business Standard.

Digital Editor