Content, Content

Cyber Attacks on Industry Climb, Gov’t Drop in Q2, Report Says

Organizations hit by cyber attacks keep many of those incidents private, concerned that their reputation with customers and suppliers could suffer should they make such information public, a new report said.

That suggests that not only are there more cybersecurity events than even researchers know but they could also be more crippling. Still, data compiled by Positive Technology to produce its Q2 2020 Cyber Threatscape Report  present a daunting picture, with the number of cyber attacks during the period spiking by nearly 60 percent from the same period last year, and attacks on industry climbing by five percent while slipping on government targets by seven percent. The enterprise security provider said it relied on its "own expertise, outcomes of numerous investigations, and data from authoritative sources" to produce the report.

Here are some top line data from the report:

  • Cyberattacks increased by 59% compared to Q2 2019, and by 9% compared to the first quarter 2020.
  • The share of attacks targeted at government agencies dropped from 23% in Q1 to 16% in Q2, while those targeting manufacturing rose from 10% to 15%.
  • The initial penetration vector in attacks on manufacturing and industrial companies was most frequently phishing emails (83% of attacks) or vulnerabilities on the network perimeter (14%).
  • The overall amount of company credentials stolen doubled over Q1.
  • April and May were record-breaking in terms of the number of successful cyber attacks, likely the result of the pandemic.
  • Attacks caused by the exploitation of vulnerabilities and configuration flaws doubled between Q1 and Q2 this year.
  • Ransomware was used in 39% of malware attacks on organizations.
  • 16% of phishing attacks took advantage of COVID-19 concerns compared to 13% in Q1.
  • More than a third (36%) of such attacks did not target a specific industry, 32% targeted individuals, and 13% were aimed at government institutions.
  • Maze and Sodinokibi operators were the most active perpetrators of ransomware attacks in Q2 2020.

It's not only the number of cyber attacks that have increased but also the severity of the consequences, said Yana Avezova, a Positive analyst. " groups now routinely threaten victims with publication of data if the victim fails to pay up,” he said. “To sell the stolen data, many ransomware operators create special data leak sites where they publish a list of victims and the stolen information,” he said.

D. Howard Kass

D. Howard Kass is a contributing editor to MSSP Alert. He brings a career in journalism and market research to the role. He has served as CRN News Editor, Dataquest Channel Analyst, and West Coast Senior Contributing Editor at Channelnomics. As the CEO of The Viewpoint Group, he led groundbreaking market research.