Why Cybercriminals Target Certain Verticals

There’s no question that cybercriminals are equal-opportunity villains. They target every organization possible, regardless of size, location or vertical. In fact, it’s estimated that 30,000 websites are attacked every day, and 64% of all companies have already experienced some form of cyberattack.

Further exacerbating the issue is the fact that threat actors continue to change up their tactics and find new ways to target organizations. According to research from IBM, in just the past year, 67% of companies say the volume and severity of cybersecurity incidents have increased. Additionally, opportunists operate botnets and platforms to sell attacks like distributed denial of service (DDoS) attacks. Prices for these DDoS-for-hire services run the gamut from free to several thousand dollars for high-powered multivector attacks.

While it’s true every company is a potential target, cybercriminals will often exploit security challenges and develop customized attack patterns that target the unique characteristics of specific verticals. This is clear from data in our Threat Intelligence Report for the second half of 2021, which shows that attackers were laser-focused on three verticals in particular: manufacturing, telecommunications and financial services.

Using these three verticals as examples, it’s possible for all organizations to better understand why threat actors target certain verticals and how they can be stopped.

Vertical One: Manufacturing

Several factors contributed to the increase in attacks against software publishers and computer manufacturing: easy access to both fixed and digital supply chains; growing dependence on the internet and expedited digital transformation plans; rapid adoption of Internet of Things (IoT) sensors and smart technology; greater investment in intellectual property (IP); increased interconnectivity in the industrial ecosystem and more.

Many organizations view paying a ransom as the lesser of two evils. Certainly, any unprepared organization could suffer financial losses and damage to both customer relationships and brand reputation. Cybercriminals are very aware that many organizations would prefer to pay a ransom when attacked as opposed to temporarily shutting down operations.

All of these factors contributed to a massive increase in attacks during the second half of 2021. Attacks against software publishers increased by 606%, while attacks on computer manufacturers increased by 162%. Attacks against computer storage manufacturing increased by 263%—all of which show attackers are laser-focused on the digital supply chain.

Vertical Two: Telecommunications

In June, the U.S. Cybersecurity and Infrastructure Security Agency (CISA), issued a warning that hackers working for the Chinese government had breached a number of organizations worldwide, including major telecommunications companies. While specific victims weren’t named, CISA strongly advised organizations that handle massive quantities of sensitive user data to strengthen their digital defenses.

Threat actors are particularly interested in companies involved with the wireless industry and Voice-over-Internet-Protocol (VoIP) providers. The wireless industry has captured their attention for several reasons: gamers increasingly turn to wireless hotspots to play; 5G networks continue to proliferate, as do the technologies and services related to those networks; growth in mobile phones, tablets and other devices.

Criminals to target wireless providers is the massive amounts of data about their customers they store, including who they call and text, billing data—which often includes lucrative personally identifiable information (PII), credit card and other payment data, and more. As a result,DDoS attacks against wireless providers increased by 38% globally in the second part of the year. And yet the 5G threat landscape has much more in store for us in the future. A major component of the technology is edge computing which brings millions of additional hosts for malicious actors to target.

Likewise, malicious actors also used DDoS extortion campaigns to disrupt service for VoIP providers around the world, resulting in a 93% increase in attacks during the second half of 2021. In particular, one DDoS extortion attack against a VoIP provider resulted in a total-loss cost of between $9 million and $12 million according to documents filed with the Securities and Exchange Commission (SEC).

Vertical Three: Financial Services

The financial services vertical continues to attract increasing attention from cybercriminals. Not only do financial services organizations store massive amounts of PII, but they also support online payment transactions for organizations in nearly every other vertical.

According to the Banking Journal, financial services organizations reported 703 cyberattack attempts per week in Q4 2021, a 53% increase over the same period in 2020. Our data shows that DDoS extortion of insurance agencies and brokerages increased 257% in the second half of 2021. And the average total cost of a data breach in financial services according to research from IBM is $5.72 million—a clear illustration of why attackers continue to target this vertical.

The best way for organizations across all verticals to combat threats is to be well-educated, ensure the viability of their networks and protect against future attacks. Likewise, it’s vital to have the ability to detect anomalous behavior as it’s happening on the network—a sign you may be under attack from a previously unknown vulnerability.

NETSCOUT experts can help you assess any potential weaknesses in your network and better help you understand the ways in which your company and vertical are likely to be targeted. Learn more about our solutions.