Contact Us      General Enquiries: +44 (0) 1273 834 000   Support / Service Desk: +44 (0) 113 360 9696

PAV IT

  • About Us
    • Careers
    • Our Green Credentials
    • Privacy Policy
  • IT Certainty
    • Legal and Accountancy
    • Manufacturing Sector
    • Retail Sector
    • Case Studies
    • Customer Testimonials
  • Services
    • Backup and Disaster Recovery
    • IT Support Monitoring
    • Project Delivery
    • Cloud Services
    • Application Packaging
    • Pavilion Service Credits
  • News & Events
    • BLOG
    • Events
    • Newsletters
    • News
  • Technology Solutions
    • Communication and Collaboration
    • Modern Workspaces
    • Data and Governance
CONTACT SALESsupport
  • Home
  • Our latest Blogs
  • Blog
  • Post-Pandemic Cyberattacks Target Vulnerable Industries
June 24, 2022

Post-Pandemic Cyberattacks Target Vulnerable Industries

Monday, 17 August 2020 / Published in Blog, Mimecast, Retail

Post-Pandemic Cyberattacks Target Vulnerable Industries

blog_header

Cybercriminals are targeting industries like retail and manufacturing that continued to operate throughout coronavirus shutdowns – and they’re becoming more sophisticated.

Key Points:

  • The bulk of cyberattacks during the first half of 2020 targeted industries that continued to operate during the pandemic, like manufacturing, retail, and insurance.
  • Many of these attacks are becoming more sophisticated and involve state actors.
  • Cybercriminals have also taken advantage of the shift to working from home by targeting employees with a surge of business email compromise attacks.
  • U.S. and UK cybersecurity agencies issue joint cyber resilience guidance.

Since the start of the COVID-19 pandemic, cyberattacks have grown more sophisticated and more likely to target the most vulnerable sectors of the U.S. economy, leading multiple government agencies to urge those industries to practice greater cyber resilience.

The industries most often targeted by cybercriminals during the first half of 2020 were manufacturing, retail and wholesale, as well as insurance, according to the latest threat intelligence report from the Mimecast Threat Center.[i] Those sectors were likely targeted because they continued operating at close to normal levels compared with others, the report noted, although increasing sophistication on the part of criminals also played a role.

Significantly, the threat intelligence researchers also warn that the ranks of cybercriminals include an advanced group of state-sponsored actors seeking to steal intellectual property and obstruct critical industries. Recently, for instance, the U.S., UK and Canada accused the Russian government of sponsoring a group trying to steal COVID-19 vaccine research.[ii]

Cyberattacks Hit the Retail and Manufacturing Sectors Hard

These shifts have taken place in response to the pandemic, the study notes.

For example, the retail/wholesale and manufacturing sectors, which continued to operate throughout the coronavirus shutdown, became key targets accounting for nearly 20% of all attacks during the year’s first half.

Throughout the lockdown, the retail and wholesale sector continued to do strong business via e-commerce, but this made it an inviting target for cyber thieves. Manufacturers, meanwhile, became targets of ransomware attacks, such as the one that put the brakes on Honda Motor Co. in June.

Cybercriminals also took advantage of the surge in working from home during the pandemic’s early days. An analysis of email attack activity at the start of the lockdown showed business email compromise attacks were up sharply.[iii] “Unsurprisingly,” the Mimecast Threat Report states, “the key threat identified in the first half of this year was the multitude of ways cybercriminals sought to exploit the circumstances of the global COVID-19 pandemic.”

This was reflected in a March 16 letter to state attorneys general from U.S. Attorney General William Barr, who warned of “reports of phishing emails from entities posing as the World Health Organization or the Centers for Disease Control and Prevention, and reports of malware being inserted into mobile apps designed to track the spread of the virus.”[iv]

Manufacturers and Healthcare Researchers Warned to Boost Cyber Resilience

The threats against critical industries have prompted the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), the U.S. Department of Energy and the UK’s National Cyber Security Centre (NCSC) to jointly issue a guide to cyber resilience best practices for industrial control systems (ICS). These include basic cyber hygiene practices such as regular data backups, prompt testing and distribution of routine software patches, whitelisting applications and disabling all unnecessary services and ports. It also recommends designing systems with cyber resiliency in mind and implementing a risk-based defense-in-depth approach to secure ICS hosts and networks.[v]

Another industry subject to increased levels of cybercriminal activity since the start of the contagion has been healthcare, and the FBI and CISA have warned U.S. organizations working on COVID-19 research to be on their guard. In May, the FBI and CISA alerted researchers about state-sponsored Chinese criminal hackers “attempting to identify and illicitly obtain valuable intellectual property (IP) and public health data,”[vi] and the FBI issued a short list of recommendations. These include:

  • Assuming that press attention affiliating your organization with COVID-19-related research will lead to increased cybercriminal interest and activity.
  • Patching all systems for critical vulnerabilities and prioritizing timely patching for known vulnerabilities.
  • Actively scanning web applications for unauthorized access, modification or anomalous activity.
  • Upgrading credential requirements and requiring multifactor authentication.
  • Identifying and suspending access for users who exhibit unusual activity.

The Bottom Line

Cybercriminals are opportunistically targeting industries that continued to operate full tilt during the recent coronavirus shutdowns, and their attacks have grown ever more sophisticated. Given this shifting landscape, taking the appropriate countermeasures becomes

[i]  Mimecast Threat Intelligence Report: Black Hat USA Edition, July 2020

[ii] “Russia Is Trying To Steal Virus Vaccine Data, Western Nations Say” New York Times, July 16, 2020

[iii] “The First 100 Days of Coronavirus,” Mimecast Report, May 2020

[iv] “Memorandum To All United States Attorneys” U.S. Attorney General William Barr, March 16, 2020

[v] “Recommended Cybersecurity Practices for Industrial Control Systems” Department of Homeland Security CISA

[vi] “People’s Republic of China (PRC) Targeting of COVID-19 Research Organizations” FBI National Press Office

by Mercedes Cardona

Original article can be found HERE

What you can read next

Does your software portfolio resemble urban sprawl?
Does your software portfolio resemble urban sprawl?
Cisco Webinar Every Company Is Now An IT Company
Every Company Is Now An IT Company
Why Good Network Management Is More Important Than Ever, blockchain
Why Good Network Management Is More Important Than Ever

Recent Posts

  • Sophos Event Blog Header

    Better cyber protection doesn’t have to cost you more

    Most campaigns that vendors / resellers run is ...
  • Cyber Insurance Blog

    Cyber insurance: there’s bad news and there’s good news

    The threat environment is more challenging than...
  • Evolving Cyberattacks header

    How Common Types of Cyberattacks are Evolving

    Cyberattacks are ever changing. Read about cybe...
  • Watchguard MFA Header

    Protecting User Identity and Securing Business Trust with Multi-Factor Authentication

    THE EVOLUTION OF AUTHENTICATION – HOW WE GOT HE...
  • CRN Nomination 2022 Header

    CRN Best Company to Work For Nomination 2022

    Why is your company such a great place to work?...

Categories

  • Applications
  • Blog
  • Cisco
  • Commvault
  • Events
  • Legal
  • Manufacturing
  • Microsoft
  • Mimecast
  • Networking
  • News
  • Newsletters
  • Other News
  • Retail
  • Sophos
  • Watchguard

pavilion logo small

A leading IT infrastructure solution and support provider that has been delivering flexible and modular solutions and consultancy to businesses across the UK since 1988.

GET IN TOUCH

  • General Enquiries: +44 (0)1273 834 000
  • Support Desk: +44 (0)1273 834 433
  • Email: info@pav.co.uk
  • PAV I.T. Services
  • The Old Corn Mill, Bullhouse Mill
  • Lee Lane, Millhouse Green
  • Sheffield S36 9NN
  • View on Google Maps
  • About Us
    • Careers
    • Our Green Credentials
    • Privacy Policy
  • IT Certainty
    • Legal and Accountancy
    • Manufacturing Sector
    • Retail Sector
    • Case Studies
    • Customer Testimonials
  • Services
    • Backup and Disaster Recovery
    • IT Support Monitoring
    • Project Delivery
    • Cloud Services
    • Application Packaging
    • Pavilion Service Credits
  • News & Events
    • BLOG
    • Events
    • Newsletters
    • News
  • Technology Solutions
    • Communication and Collaboration
    • Modern Workspaces
    • Data and Governance

Pav IT © 2022 All rights reserved.

  • GET SOCIAL
TOP