What are the most-targeted industries for cyber attacks?
Every business is a potential target for cyber attacks, but hackers choose targets in some industries more than others. The most targeted industries for cyber attacks often include firms operating in “critical” sectors like energy, health, and finance which are targeted by both for-profit hacking groups and state-backed adversaries aiming to do damage to international rivals.
Other industries are targeted because of the lucrative information they hold – retail is a top target for cyber attacks and law firms are often singled out for the same reason. Meanwhile government agencies, councils, and educational establishments often find themselves in hot water due to under-investment and lack of understanding of the importance of security.
Three industries stand out as key targets in the first half of 2023: technology, energy and education, according to recent analysis by Gatewatcher.
Gatewatcher CEO Jacques de la Riviere tells ITPro that schools and universities “suffer from a significant and recurring lack of resources, investment, and staff – and they offer criminals a lot of return”.
“There is access to a database of student and teacher accounts, confidential information that could be resold and technological and engineering data at research establishments.”
Why critical national infrastructure is targeted for cyber attacks
Firms operating in so-called critical national infrastructure (CNI) sectors such as energy, water, transport, and health can find themselves at the top of the cyber-attack target list, with former National Cyber Security Centre (NCSC) chief Ciaran Martin having warned that CNI is the next big ransomware target in March 2023. Financial institutions, cryptocurrency exchanges, and fintech organizations are also considered a prime target, says James McQuiggan, security awareness advocate at KnowBe4. “These organizations handle large amounts of financial information, including sensitive data such as credit card numbers.”
The healthcare industry is also a popular goal for hackers partly because it handles information including medical records. “Cyber-criminals recognize that healthcare systems are maintained by the government or regulatory bodies…