cybersecurity Archives - Total Supply Chain Summit | Forum Events Ltd

Total Supply Chain Summit | Forum Events Ltd Total Supply Chain Summit | Forum Events Ltd Total Supply Chain Summit | Forum Events Ltd Total Supply Chain Summit | Forum Events Ltd Total Supply Chain Summit | Forum Events Ltd

Posts Tagged :

cybersecurity

Retail and manufacturing sectors ‘most likely’ to be targeted by a cyber-attack

Health, education, retail, and manufacturing sectors continue to be particularly vulnerable to cyber attacks and data breaches, according to analysis of recently released 2021 ICO data.

CybSafe analysed data from the Information Commissioner’s Office (ICO) – the UK’s independent body upholding information rights – following its previous analysis of ICO data for the first half of 2021 to discover the details behind the UK’s cyber security breaches throughout the entire calendar year.

While health and education remain particularly vulnerable to data breaches, the retail and manufacturing sector suffered twice as many cyber attacks as either sector, accounting for 20 percent of attacks overall in H2 of 2021.

Statistics within the retail and manufacturing industry also highlight a more general trend. The sector saw an increase in ransomware attacks, accounting for 27 percent of all attacks in 2021, up from 23 percent in 2020. In contrast, phishing attacks declined, falling from 31 percent in 2020 to 26 percent in 2021. This marks the first-time ransomware attacks have superseded phishing within the sector. Throughout 2021, ransomware saw a notable rise, accounting for 30 percent of attacks between July and December, up from 24 percent between January and June.

While the ICO data highlights phishing as the most common form of attack at just under 30 percent, ransomware continues to be an increasing threat to every sector.

As sectors adapt to life post-pandemic, the education sector is a prime example of how the cyber security landscape has changed for good. ICO 2021 data shows ransomware attacks increased to 22 percent (up from 19 percent), suggesting the trend is not subsiding despite children returning to the classroom. The sector saw a steep rise in ransomware attacks mid-way through 2020. They accounted for 26 percent of attacks in the first half of 2021 compared to just 11 percent in the previous year.

Oz Alashe, CEO of CybSafe, said: “The ICO data tells a clear story. The pandemic saw a steep rise in ransomware attacks. With important sectors such as education and healthcare seeing a sustained level of cyber threats throughout the last year, we need to go beyond standard security training practices.

“To embody a security-first culture, the human aspect of cyber security shouldn’t be underestimated. If we want to invoke genuine behaviour change, the first step is to appreciate individuals responding differently to threats, and personalisation is crucial to building an authentic security-first culture.

“Appreciating differences in teams means you can deliver tailored security initiatives. The result is greater employee confidence, changes in security behaviour, and ultimately a defence against such malicious threats that will only grow in importance over the coming years,” Alashe concluded.

DHL, Amazon and DocuSign among most imitated brands in phishing emails

According to the data presented by the Atlas VPN team, Amazon topped the list as the most impersonated brand in email phishing attacks worldwide last year. In total, 17.7% of brand phishing emails used Amazon’s brand name.
The trillion-dollar brand is closely followed by the world’s leading logistics company DHL and a cloud-based electronic signature technology provider DocuSign, each accounting for 16.5% and 12.7% of the brand phishing campaigns, respectively.
Cybercriminals choose to impersonate big brands to lower the guard of their potential victims. Email phishing attacks lure targets to open links to malicious websites designed to infiltrate malware or steal data.
Digital payment service provider PayPal occupies the fourth spot on the list. Last year, the brand’s name was used in 5.7% of brand impersonation emails.
Next up is the world’s largest professional online network LinkedIn. LinkedIn’s name was abused in 3.5% of brand phishing campaigns.
Other brands in the top ten include Microsoft (3%), web hosting company 1&1 (2.5%), British telecommunications services provider O2 (2.3%), the social media giant Facebook(2.2%), and British banking group HSBC (1.8%).
Cybersecurity writer and researcher at Atlas VPN Ruta Cizinauskaite shares her thoughts on brand phishing attacks: “Brand phishing attacks are especially damaging as they hurt not only the victims that fell for the attack but also the reputation of brands that have been spoofed. There is not much organizations can do to prevent cybercriminals from exploiting their brands. However, email users can protect themselves against phishing attempts by taking matters into their own hands.”