Government agencies up, financial institutions down, as most targeted for cyber attacks
Government institutions worldwide are prime targets for advanced persistent threat attacks, according to a report from security company Positive Technologies.
Among the APT groups that were studied by specialists from the company’s Expert Security Center, 68 percent were targeting government institutions. In 2019, the center uncovered the APT group Calypso, which focuses specifically on attacking government institutions.
These organizations are an easy target for attackers, the report said, due to basic security measures, the technological illiteracy of many public servants regarding information security, and public access to information about government security software purchases.
The study also noted that large-scale cyber attacks on the financial sector are no longer profitable. The total number of attacks on financial organizations has decreased. Most banks, especially large ones, have equipped themselves to effectively deter such attacks, it said. As a result, cyber criminals have decided to focus on other, less-defended sectors, the report noted.
Another key finding is that hardware vulnerabilities have forced businesses to change their threat models. Searching for hardware vulnerabilities is a new trend among hackers, who are looking for and finding vulnerabilities in circuit boards and elements of hardware logic.
Organizations have acknowledged the scale of this problem and are accounting for these vulnerabilities in their threat models, the report said. To address the problem, they have been investing in defensive equipment development and employee training.