Image default

The most attacked sectors by cybercriminals

In any part of the world, cyber attacks happen all the time. Companies of all sizes, government institutions and any citizen become victims of these attacks. Unfortunately the “it will never happen to me” does not apply here; However, this scenario has a side that becomes more worrying since there are sectors that are more vulnerable to being attacked by criminal groups that use the Internet as a bridge to commit crimes.

At the end of 2019, El Economista carried out an analysis on the sectors most attacked by cybercriminals. Based on studies by international organizations and private sector institutions, the Mexican newspaper determined that financial institutions, critical infrastructure systems, industry 4.0, supply chain, and end users registered the highest number of cyber attacks.

It is important to mention that with the exception of the financial sector, no other productive or government segment is obliged to report the cyber attacks of which it is the target, so this list was based solely on the reported cyber attacks.

1.Financial institutions

According to the report “State of Cybersecurity in the Mexican Financial System”, carried out by the Organization of American States (OAS) in collaboration with the National Banking and Securities Commission (CNBV), none of the financial institutions in our country saved from receiving cyberattack attempts during 2019.

More than 40% of these attempts were successful. Both banks and Fintechs, Cooperative Savings and Loan Societies (Socaps) and Popular Financial Societies (Sofipos) were victims of cyber attacks that cost them in 2018 around $ 107 million in responses and recovery.

2. Critical infrastructure systems

Critical infrastructure systems (physical and virtual) are those that provide essential functions and services to support social, economic and environmental systems; for example, electrical power infrastructure, water supply, transportation systems, security forces, and emergency services. In companies, these systems make the operation and expansion of the business possible.

A clear example of a cyber attack on this sector is the one perpetrated against Pemex when in November 2019 the parastatal suffered an attack on its critical infrastructure with ransomware. According to cybersecurity firm Kaspersky, in our country 50% of critical systems in Mexico suffered infection attempts with some type of malware during 2018.

The consequences are mainly the interruption of operations that can cause significant economic losses, endanger human life or harm the environment. Most of these attacks are carried out via the internet, removable devices such as USB sticks or email messages.

3. Industry 4.0

What is Industry 4.0? This concept refers to a new phase in the Industrial Revolution that focuses on interconnectivity, automation, machine learning, and real-time data. Thus, companies integrate physical operations and production with smart digital technology, machine learning, and big data to create a more connected ecosystem.

These characteristics have placed the industry 4.0 as a target for cybercriminals, a trend that is increasing. According to the director of the Tec de Monterrey Cybersecurity Hub, Felix Antonio Barrio, this scenario has increased the demand for knowledge and research on cybersecurity required by these industries, among which the automotive sector stands out.

“In Mexico and in different countries worldwide, there are variants of malware that are attacking industrial organizations, which increases the risk not only for these industries, but for its supply chain,” he added.

4. Supply chain

A supply or supply chain is a set of elements that allow companies to have the necessary organization to carry out the development of a product or service and that it meets the main objective of satisfying the needs of the end customer. Therefore, when they are attacked by cyber criminals, the operation and reputation of companies are affected.

Cyber ​​attacks aim to violate the systems of the equipment and machinery provided by third-party providers of a company and then introduce malware that affects other systems of the organization.

According to the Cybersecurity Incident Response Center (CERT) of the Spanish consultancy Mnemo, during 2017 and the first quarters of 2018, the number of cases reported by cyber fraud from the supply chain does not exceed both. However, for August, September, and October 2018, the story changed as attacks increased 100% each month.

5. End users

You, your coworker, or your mom are as vulnerable to a cyberattack as much as Pemex, Coca Cola, or Facebook, even more so. The general population uses the internet through devices in which they store sensitive information such as personal, bank or work data. It is not for nothing that Mexico is among the top 10 countries with the highest number of infections with malware on mobile devices.

As an end user we have a responsibility to prevent cyber attacks. Raising awareness of the risks, taking action and reporting all kinds of cyber crime are necessary actions to minimize the success and expansion of cybercriminals who often take advantage of the ignorance of those who use the internet. [/ Vc_column_text]

On the other hand, for companies in any sector, it is imperative to have a specialized team in cybersecurity and solutions that guarantee the prevention, detection and mitigation of cyber attacks that put the operation at risk.

At Orben we specialize in providing services that guarantee the security of companies’ information and that prevent them from becoming victims of cyber criminals. Contact us for more information.