Global Threat Intelligence Report: cyber criminals innovate to develop faster and automated attacks

Published: Wednesday, 20 May 2020 10:28

NTT Ltd, has published its 2020 Global Threat Intelligence Report (GTIR), which reveals that despite efforts by organizations to layer up their cyber defences, attackers are continuing to innovate faster than ever before and automate their attacks. Referencing the current COVID-19 pandemic, the report highlights the challenges that businesses face as cyber criminals look to gain from the global crisis and the importance of secure-by-design and cyber resilience.

The attack data indicates that over half (55 percent) of all attacks in 2019 were a combination of web-application and application-specific attacks, up from 32 percent the year before, while 20 percent of attacks targeted CMS suites and more than 28 percent targeted technologies that support websites. For organizations that are relying more on their web presence during COVID-19, such as customer portals, retail sites, and supported web applications, they risk exposing themselves through systems and applications that cyber criminals are already targeting heavily.

Matthew Gyde, President and CEO of the Security division, NTT Ltd., says: “The current global crisis has shown us that cyber criminals will always take advantage of any situation and organizations must be ready for anything. We are already seeing an increased number of ransomware attacks on healthcare organizations and we expect this to get worse before it gets better. Now more than ever, it’s critical to pay attention to the security that enables your business; making sure you are cyber resilient and maximizing the effectiveness of secure-by-design initiatives.”

Technology tops most attacked list

While attack volumes increased across all industries in the past year, the technology and government sectors were the most attacked globally. Technology became the most attacked industry for the first time, accounting for 25 percent of all attacks (up from 17 percent). Over half of attacks aimed at this sector were application-specific (31 percent) and DoS/DDoS (25 percent) attacks, as well as an increase in weaponization of IoT attacks. Government was in second position, driven largely by geo-political activity accounting for 16 percent of threat activity, and finance was third with 15 percent of all activity. Business and professional services (12 percent) and education (9 percent) completed the top five.

2020 GTIR key highlights:

More details.