Last week we delivered our list of the top 5 cyber security threats to watch out for in the annum to come. Now it’s time to look at which types of businesses may be most susceptible by analyzing at the events that have transpired in the year leading up to the next. 2018 was marked by many high-profile hacks and there were indeed patterns that provide implications for businesses that mirror the victims in some way, shape or form. Even if you don’t find yourself on the list of industries below, you may identify parallels that let you know that you need to take action today. But first, please do read ahead.
5 Industries That Need to be More Mindful of Cyber Security in 2019
Out of this Business Insider list of the top 21 hacks of 2018 we find one industry leading the way in the unfortunate category. Four of the victims were plucked right out of the hospitality field, including British Airways, Cathay Pacific, Orbitz, and Marriott Starwood. Most notable, was the Marriott Starwood hack which was the second biggest breach in history (second only to Yahoo), impacting an estimated some 500 million guests with exposed data including passport numbers, emails, mailing addresses, and in some cases credit card numbers. In addition to losing consumer trust and the revenue fallout to come, the brand may face a larges fine from regulatory bodies.
The nature of the industry makes it ripe for the picking because consumer data entry is required for bookings. However, while hospitality may have made the headlines, but the implications are clear as any company that records and manages personal information is a big target for hackers. If this is you, time to tighten up ship.
2. Health & Medical
Hospitality businesses may need to be on high alert but so do hospitals and the entire health and medical industry in 2019. You’re going to find this field on every hot hacker target list year in and out, because once again it’s steeped in the fact that medical services host a gigantic amount of sensitive personal information. This makes them very attractive for those seeking to deliver ransomware through vulnerabilities.
One of the biggest cyber attacks of 2018 was on SingHealth (in Singapore), an event which saw 1.5 million patient records accessed. The attack was an advanced persistent threat (APT) attack that utilized advanced and sophisticated tools including customized malware that evaded the provider’s antivirus software and security defenses. Beyond the antiquated reliance of traditional antivirus software, SingHealth’s COI cited a series of gaps in the organization’s mission-critical IT systems and staff missteps as being the key contributor. As it turns out, the server that was exploited in the attack had not been updated since May 2017.
In summation, adoption of more advanced endpoint threat protection that leverages artificial intelligence (AI) and machine learning could have helped prevent such an attack while better training of staff and improvement upon IT infrastructure could have made an even bigger difference. That, and one clear mandate to UPDATE all software and hardware to patch vulnerabilities.
This is an easy one to identify, but the call to action got a lot louder as big names like Saks Fifth Avenue, Saks Off 5th, and Lord & Taylor were compromised. Reports state that cyber criminals lurked on the networks of all three retailers (under the Hudson’s Bay Company umbrella) for nearly a year, stealing credit and debit card data of approximately 5 million customers. This “lurking” behavior was addressed in our recent article on the top cyber security threats to watch out for in 2019, which included spear-phishing as a means to use malware to infect systems via phishing emails. For a refresher on how to keep from falling prey to phishing schemes, read our Don’t Click That Link article and share it with your staff.
Hold on, so you’re telling us that the one industry that is supposed to be the most mindful of cyber security became one of the most susceptible in 2018? Yep.
Now “tech” is a broad category with many vertical industries within, but for the purposes of this article allow us to name a few big brands that were successfully targeted by hackers in 2018. For one, telecommunications giant T-Mobile was hacked at the tail end of summer, with 2 million user accounts compromised after hackers exploited an internal API on its servers. Another hack (and attempt to cover up) that got a lot of press in 2018 caused a tech giant to begin closing up shop on their social network. The Google+ hack compromised the private information of 52.5 profiles and now has many looping Google in there with Facebook when it comes to trust (or lack thereof) over user data security. Other tech-centric companies hacked in 2018 include myPersonality, TimeHop, and Quora.
The point in addressing enterprise tech-based companies here, is to show that even those who are supposedly far ahead of the curve are far from free from advanced threats. Keep reading.
The overall industry diversity of hacks in 2018 deliver a very clear message for all businesses. No one is safe. Whether your industry is addressed above or your brand is immersed in agricultural production, construction, education, energy, finance, legal, manufacturing, media, real estate, telecommunications and everything else between and beyond, the time has come. You need to once and for all overhaul your cyber security protocol by having a reputable IT firm with expertise in cyber security perform a comprehensive review of your IT infrastructure. Only then will gain peace of mind for the years ahead. Contact Fully Managed today.