Manufacturing Sector Hardest Hit with Ransomware
Specialist insurer Beazley has reported a 25% spike in ransomware attacks in the first quarter of 2020 versus Q4 2019, based on incidents reported to in-house breach response team Beazley Breach Response (BBR) Services. While nearly all industries reported incidents, the manufacturing sector was the hardest hit with a 156% increase in incidents quarter-over-quarter.
The most affected sectors continue to be financial services and healthcare, which together accounted for half of all ransomware attacks reported to Beazley in the first quarter.
Pandemic impact
As attack groups turned their attention to ransomware, business email compromise (BEC) incidents reported to Beazley declined 16 percent in the first quarter as compared to the previous quarter. Phishing attacks, however, have soared during lockdown – cyber criminals are using phishing scams to steal personally identifiable information through fake emails and texts designed to look like official COVID-19-related information.
Katherine Keefe, head of BBR Services, said “Cyber criminals are preying on people’s heightened anxiety during this pandemic, tricking them into clicking and sharing links that steal information. Also, those working from home may have weaker IT security than corporate networks typically provide. Organizations must ensure their security systems and protocols are up to date and ensure that colleagues working from home are extra vigilant.”
Ng Teck Siong, Underwriter, Cyber & Technology, Asia Pacific, said “Some examples we have seen in this region include malware re-designed as a Covid-19 tracking platform as well as phishing scams promising the availability of pandemic-related insecurities. Ransomware attacks remain the most common type of notification we receive from our policyholders in Asia, many of which succeed in attacking systems via phishing emails, and lack of awareness among employees, and weak password management are also factors.”
The full Beazley Breach Insight including advice on how to protect your organization from phishing attacks is available here