Critical Start Pinpoints Most Targeted Industries for Cyberattacks
Certain industries are more targeted than others because of the data they handle.
Manufacturing and industrial products remained the most targeted industry by cyberattacks during the first half of 2024, according to a new Critical Start report.
Critical Start’s Cyber Research Unit (CRU) reviewed 3,438 high and critical alerts generated by 20 supported endpoint detection and response (EDR) solutions alongside. It also tracked 4,602 reports detailing ransomware and database leak activities across 24 industries in 126 countries.
Global cybercrime should increase by 15% per year over the next five years, reaching $10.5 trillion annually by 2025. That's up from $3 trillion in 2015, according to the report.
Callie Guenther, senior manager of cyber threat research at Critical Start, said one of the most surprising aspects of the report is the rapid adaptation of new attack techniques by threat actors, particularly in industries that were previously less targeted, such as manufacturing.
Critical Start's Callie Guenther
“The aggressiveness and sophistication of these attacks are increasing, highlighting the need for more proactive threat intelligence,” she said.
Key Critical Start Report Findings
Noteworthy findings in the Critical Start report include:
Manufacturing and industrial products led in attacks during the first half of 2024 with 377 confirmed reports of ransomware and database leak hits.
Professional services saw an increase in reported database leaks and ransomware attacks, jumping by 15%, with 351 cases reported versus 334 last year. Legal services organizations, including courthouses, and supply chains have become prime targets because of the wealth of intellectual property and sensitive data they possess.
Health care and life sciences ransomware and database leak incidents surged by 180% in February compared to the same period in 2023. That includes the attack on Change Healthcare and other health care providers.
Engineering and construction remained a consistent target for cyberattacks in the first half of both 2023 and 2024. United States drew most of the cyberattacks in the first half of 2024, experiencing a 46.15% increase compared to 2023.
Critical Start found a 12.75% decrease in database leaks and ransomware attacks targeting technology companies during the first half of this year compared to the first half of 2023.
Certain Industries ‘Prime Targets’
“Certain industries, like health care and finance, are prime targets due to the sensitive and valuable nature of the data they handle,” Guenther said. “However, the report indicates a rise in attacks on manufacturing and critical infrastructure, likely due to the operational disruption potential and the higher likelihood of paying ransoms to avoid downtime.”
The report also highlights trending concerns for businesses, including:
Business email compromise (BEC) scammers used to focus on large corporations, and now they're targeting smaller, less cybersecurity-conscious businesses
The findings show a 3,000% increase in deepfake fraud attempts.
Attackers are increasingly using open-source repositories to launch two main types of attacks, repo confusion attacks, or the creation of repositories with names similar to those of existing, legitimate projects, and supply chain attacks.
“Organizations often fail to adopt a proactive approach to cybersecurity, relying too heavily on reactive measures,” Guenther said. “This includes insufficient threat intelligence integration, lack of employee training on phishing, and inadequate patch management, which leaves them vulnerable to known exploits.”
If current trends continue, the second half of 2024 may see a continuation or even an increase in the frequency and sophistication of attacks, particularly as threat actors refine their methods, she said. Organizations will need to bolster their defenses significantly to counter these evolving threats.
About the Author
You May Also Like