There is no industry that hackers won't target as long as they have something to gain from it. All and any personally identifiable information has some value to someone on the Dark Web, whether it will be used for identity theft purposes, for an advanced targeted attack or for something else. Cyber criminals work tirelessly to breach systems in a variety of verticals, and it shows: In 2015, the Identity Theft Resource Center tallied over 780 data breaches, amounting to the exposure of more than 169 million records.
That said, certain industries and verticals are far more likely to be victimized by cyber attackers than others by nature of the potential value of the data and other digital assets in their protection. In particular, any organization that has personally identifiable information is a highly prized target. As digitization of enterprise resources continues, this has grown to include health care, government, finance, retail and education. Let's take a closer look at some of the prominent threats faced by each.
Depending on the source, or the manner in which a study was conducted, there will be some variation in what comes out as the most highly targeted industry. Regardless of minor discrepancies, health care will always fall toward the top of the list, if not at the top of the list. According to Trend Micro's comprehensive analysis of data breaches that took place between 2005 and 2015, health care came out ahead, representing the most highly targeted industry for data breaches. Given the recent flurry of reports of health care breaches, this isn't necessarily surprising.
In 2015, for instance, the largest-scale data breach was executed against Anthem, and the result was the theft of personal information from approximately 80 million customers. The cyber attack that made this possible, as well as the Premera breach that affected over 10 million customers, began with something very similar to a phishing scam. According to Computerworld, cyber criminals created a fake domain name that was meant to mimic a legitimate Anthem Web portal. As a result, it is believed that they managed to steal employee passwords and login information, and from there, find a way into the system. In other words, it's quite possible that the worst data breach of 2015 began as little more than a clever phishing scam.
The moral of the story here is that hackers go after health care hard, and they will use a variety of tactics to plunder protected health information and other personally identifiable data. Nevertheless, Trend Micro's report notes that when it comes to the theft of health care records, the loss of portable devices represented the biggest threat to sensitive information. As mobile devices develop into a mainstay across all industries, health care organizations will have their work cut out for them in ensuring that all end points have ironclad cyber security.
Interestingly, number two on Trend Micro's list of most-breached industries was education. In this case, educational records were the sought-after loot, especially at the college and university levels. Trend Micro notes that many educational records contain personally identifiable information including contact information, Social Security numbers and more.
The number one cyber threat to education was hacking and malware. This makes sense given the high volume of computer users on any given day in a university setting. Students, staff and faculty may access any number of websites. They might check personal email accounts, update social media, shop online and even download music and other files. This would also partially explain why unintended exposure is the second most prominent cause of data breaches in education. If a system administrator, teacher or employee from the billing or financial aid office forgets to terminate a session, personally identifiable information can be rendered vulnerable as a result.
As hubs for research – including medical research – it makes sense that hackers would launch targeted attacks on universities. If there is a silver lining, it is that Trend Micro has noted a continual decline in the number of data breaches in education since 2010, which may be the result of hackers moving on to industries that have a higher probably for a hefty payday, for example, health care and government.
It's not surprising that government is high up on Trend Micro's list, especially considering how hard government organizations were hit in 2015. According to Control Risks' 2016 Riskmap Report, a third of all targeted cyber attacks were aimed at government. Not to mention, the Office of Personnel Management data breach, which affected more than 21 million people, was one of the most infamous cyber attacks of 2015.
However, it is somewhat unexpected that the top cause of government-related data breaches was unintended exposure, followed shortly thereafter by lost portable devices. It's well-understood that there are plenty of parties that could benefit from breaching government cyber security – foreign nation-states, militant groups, crime rings and much more. For this reason, the fact that many government cyber woes are the result of internal mistakes is especially alarming.
In 2015, there were several cases in which the government was called out for negligence of cyber security best practices. In November, a survey revealed that as many as 85 percent of government workers admitted to IT behavior on mobile devices that had the potential to put work-related information at risk, according to TechNewsWorld. Only a few days later, The Register reported that the Department of Homeland Security was guilty of running multiple unpatched databases because personnel had not been appointed to the task. Some of the databases in question even had "secret" and "top secret" designations. Going forward, it's vital that incidents such as this are prevented. Hackers will not hesitate to turn even the simplest mistake against the government.
Trend Micro's research highlights a very clear rise in the number of cyber attacks that have targeted retail over the last five years. Furthermore, hacking and malware represent nearly 50 percent of these data breaches. Hackers are going after the point of sale in an effort to capture credit card information, which can then be sold on the Dark Web.
A variety of tactics are being used to this end, and two of the chief culprits are memory-scraping malware and POS skimmers. The latter, according to Trend Micro, entails that rigging of payment processing units to steal credit card information. This is especially a problem for small and medium-sized businesses, which may be more likely to purchase payment processing systems from less-reputable vendors.
As more payment card vendors implement EMV chip-card technology, and as retailers switch to EMV-enabled card readers, the cyber threats to the POS will hopefully become less prominent. EMV technology is not necessarily ironclad, but it is a significant step up in cyber security from magnetic stripes, and one that more retailers will take as 2016 unfolds.
Last but not least, financial sectors are highly targeted for obvious reasons. In addition to safeguarding money, financial institutions must also protect personally identifiable information. This includes contact information, Social Security numbers and more. Curiously, Trend Micro found that lost portable devices and other insider threats were some of the main sources of data breaches, highlighting the need for stronger enforcement policies to keep sensitive information secure.
However, Trend Micro also noted that hacking and malware that target financial institutions are not too far behind, and gaining. Phishing scams, for example, might be leveraged to get a customer to unwittingly expose their login information for an online banking account. Alternatively, hackers might go straight for the source. In 2015, companies in the finance sector including Scottrade, Dow Jones and Experian all fell prey to hackers. As cyber threats against financial institutions continue to mount, organizations in this industry must do everything they can to eliminate the risk of internal problems that could lead to a data breach. The next step is beefing up cyber security at all endpoints, for customers and for workers.
Now more than ever, comprehensive threat protection such as Deep Security from Trend Micro is absolutely necessary for organizations in finance and other highly targeted industries.