The healthcare industry suffered the highest number of cyber attacks in 2021, with ransomware the leading danger, as bad actors took advantage of the Covid-19 pandemic, a study by Cisco has found.
The rise in cyber incidents was most noticeable in the busiest industries, where processes and engagement drastically increased, the study said. These industries were exploited through increased phishing and assaults on internet-facing applications, which became entry points of attack.
A lack of investment, and possibly time, to orient users amid tight schedules also contributed to an already-weak cyber defence infrastructure, revealed the study, which was released during the Gulf Information Security Expo and Conference in Dubai.
"We anticipated that health care would continue to be a top target throughout 2021 after a spate of ransomware adversaries targeted the industry in late 2020," said David Liebenberg, manager of strategic analysis at Cisco.
"The main reasons adversaries are continuing to target this industry is due to healthcare providers’ often underfunded cyber-security budgets and extremely low downtime tolerance, the latter of which has been exacerbated by the ongoing Covid-19 pandemic."
Cyber criminals tend to be where the action is. In this case, industries that were forced to introduce massive operational changes — health care, retail, hospitality, consumer manufacturing and distribution — were prime targets, Cisco said.
These sectors witnessed a significant rise in data breach costs on an annual basis, with health care topping the list at $9.23 million per incident from May 2020 to March 2021 — a $2m increase or 27 per cent jump year-on-year, US technology corporation IBM said in a report last year.
Last May, Ireland's Health Ministry was the target of an attempted attack, which forced systems to be shut down as a precautionary measure and came only days after its public health service HSE was victimised. Officials deemed the attack on the latter an "international criminal operation" and ransomware was identified in both incidents.
Ransomware incidents increased by 151 per cent in the first half of 2021 as the digital economy thrived, the World Economic Forum said in January.
Ransomware was the top threat in the fourth quarter of 2021, the Cisco report said, although compared to previous quarters it made up a much smaller percentage and comprised only 27 per cent of all threats, against the 38 per cent of the previous three-month period.
The third quarter was the only time in which ransomware was not number one — during that period, threats focused on local government.
Phishing, which involves fake emails appearing to come from a reputable source with the aim of securing personal information, such as passwords and credit card numbers, also posted an upsurge in 2021. It can be correlated to the fact that it is a common means of initial infection for cyber crooks employing ransomware, Cisco said.
Business email-compromise attacks also rose last year. An attacker typically obtains access to a business account and mimics the owner's identity with the aim of defrauding the company and its employees and stakeholders.
The fraudulent practice siphoned more than $1bn from users in 2020, the US Federal Bureau of Investigation said, and continues to try to swindle users on platforms such as Sony's PlayStation Network and Covid-19-related ones, Cisco said.
Last year "presented different verticals with a number of new challenges, as organisations navigated the complex threat landscape in an increasingly digital world", Fady Younes, cyber security director for the Middle East and Africa at Cisco, said in a note.
"This year, decision-makers must ensure to implement advanced ransomware protection and secure network analytics. It is essential that IT leaders invest in technologies that integrate detection, prevention and response capabilities in a single solution for increased visibility and enhanced actionable insights to improve security."