All Sectors Should Expect A Holiday Cyberattack Surprise

Retail is known to experience a spike in cybercrime around the holidays. With millions of shoppers conducting business online, the threat landscape usually increases with this jolt in traffic. However, this year, it’s not only Retail that should be concerned — research by CORO finds that all mid-market businesses are 490% more likely to experience a security breach by the end of 2021 than they were in 2019.

Not only is cyberwarfare raging throughout sectors, but attack types are morphing. This uptake is likely brought on by digital transformation during the pandemic, a more intelligent class of cyberattacker, and a lack of complete coverage of cybersecurity solutions. For these reasons, an attack is no longer a matter of if but when.

FinConDX 2021

Mid-sized companies appear to be especially vulnerable. Such organizations may not afford the large security team of an enterprise but may still hold valuable assets and sensitive customer data.

The report from CORO analyzes data from over 4,000 mid-sized companies across Retail, Manufacturing, Professional Services, Healthcare, Transportation, and Education. It examines the number of attacks from October 2020 through October 2021 and extrapolated data onto the rest of 2021. Below, I’ll review the key takeaways from the report.

Threat Escalation Across Industries

Throughout 2020 and 2021, attacks on mid-sized businesses in every sector increased by at least 50%. The rise was most prominent in the Transportation and Healthcare industries, which increased by 125%.

The data also demonstrates an interesting trend — an end-of-year escalation in attacks across sectors. There was a 22% to 36% increase in the average number of attacks in the last four months of 2020.

By extrapolating data from 2020 and using the first eight months of 2021 as a baseline, the study estimates a gradual, then sharp uptake in attacks. Thus, the report concludes that all sectors will experience a quick uptake in threats throughout the holiday season.

Mid-sized companies are 490% more likely to experience a breach than in 2019. The report contends that the rush to digital transformation amid COVID-19 likely led to immature technical adoption and unprotected networks.

Attacks Become More Sophisticated

The bulk of attacks, 86%, are naive, meaning they involve no attempt to differentiate one target from another. These attacks are likely driven by bot traffic, whose automated scripting is programmed to hit any public endpoint available.

However, more sophisticated attacks have significantly grown in number over the last year. Targeted attacks rose from 12-26%. Customized attacks increased from one to four percent. And insider threats also increased from one to two percent. Though custom and insider threat attack types still make up a small portion of attacks, the fact that they have increased by 4x and 2x, respectively, is alarming.

The sophisticated attacks that involve intense planning and months of surveillance are likely the most rewarding to cybercriminals. Pointed ransomware attacks against specific government agencies or private sector companies continue to make the headlines. And data trends indicate a greater likelihood of such targeted attacks becoming more advanced and more commonplace in the near future.

Attacks also utilize many vectors, all of which surged remarkably in the past year. But of all attack vectors, bot attacks rose the highest, by 238% over the past year. Next were Wi-Fi phishing, at 203%, Email phishing via cloud apps, at 186%, and malware sent via cloud apps, at 180%.

A Greater Security Response Required

Most mid-sized and growing companies surveyed for this report lack the most basic security protections, which is troubling. According to the study, 99% of growing companies lack basic security protection for WiFi-Phishing, bot attacks, cloud malware, and insider threats.

Cybercrime is a lucrative business, and hasty technological adoption could leave an honest company open to attack. Even if they have deployed proper attack-specific solutions, a high percentage of security tools are misconfigured — at least 70% of all security solution deployments are misconfigured.

So this holiday season, all industries should be extra vigilant. Unfortunately, for the honest hard workers out there, cybercriminals don’t care how naughty or nice you’ve been. So, check your security checklist, and check it twice. Otherwise, the surprise may be a lot worse than coal.

For more information, readers can view statistics or trade an email for the full report here.