These sectors are top targets for cybercrime, and other cybersecurity news to know this month
The healthcare sector bears the brunt of cybercrime activity, accounting for 14.2% off all attacks targeting critical infrastructure. Image: Reuters/Mario Anzuoni
- Top cybersecurity news: Critical infrastructure is the main target of cybercriminals; Apple upgrades to quantum-proof encryption; Millions of telecom customers affected by dark web leak.
- This regular round-up brings you key cybersecurity stories from the past month.
1. Cybercrime's biggest targets revealed
Cybercriminals cast a wide net when they go in search of targets. We're all familiar with scam attempts that arrive by SMS, social media, email and telephone calls, but entire business and service sectors are dealing with cybercrime on a whole different level. Now, researchers have revealed the sectors most commonly targeted by hackers, extortionists, digital spies and other online criminals.
Citing data from the European Repository of Cyber Incidents (ERCI), Statista reports that critical infrastructure is the target cybercriminals go after most frequently. State institutions and political systems are the second most common target, with more than 450 reported incidents in 2023.
The ERCI's breakdown of attacks on critical infrastructure shows the scale of the problem and the services most frequently hit by attacks.
The healthcare sector bears the brunt of cybercrime activity, accounting for 14.2% off all attacks targeting critical infrastructure. These include ransomware attacks, the theft of confidential patient healthcare records and the disruption of care services in healthcare organizations.
Financial organizations are another major target, accounting for 8.3% of attacks on critical infrastructure since the start of 2023. Telecommunications, transport and the energy sector are also targeted regularly, according to the ERCI.
How is the Forum tackling global cybersecurity challenges?
2. Apple takes encryption into the quantum era
Apple's latest operating system update is adding "future-resistant" cybersecurity features to its iMessage feature.
Apple has called the upgrade "the most significant security upgrade in iMessage history, according to a report in tech publication, Wired. The system, known as Post-Quantum 3 (PQ3) is designed to protect data from immensely powerful quantum computers. While useable quantum computers are still years or even decades away, they will be able to quickly crack most of the encryption and cybersecurity protocols currently in use to protect our data.
The PQ3 system is operating in conjunction with existing encryption technology to add a double layer of protection to content exchanged in its iMessage platform.
The World Economic Forum has long recognized the opportunities and risks posed by computers in the quantum era. In January 2024, we published a Quantum Economy Blueprint, which extends the Forum's Quantum Computing Governance Principles. This blueprint is a guide to building a successful quantum economy based on sound ethical and security guidelines.
3. News in brief: Top cybersecurity stories this month
The personal data of more than 70 million people has been leaked online, reports the BBC. They were all customers and former customers of US telecoms firm AT&T. In a statement, the company said it was offering free identity theft advice and credit monitoring services to affected customers.
Japan and the Philippines are teaming up with the US to form a new alliance to prevent cyberattacks. The three nations agreed to share intelligence and expertise at a summit in early April.
The Indian government says it has rescued more than 250 citizens who were lured to Cambodia and forced to participate in online fraud schemes. A spokesman for India's External Affairs Department said the two countries were "cracking down on those responsible for fraudulent schemes".
Streaming service ROKU says it has identified almost 600,000 accounts compromised in two separate cyberattacks. Hackers have used around 400 hacked accounts to take out unauthorized subscriptions.
The European Union has delayed a vote on a new cybersecurity certification scheme over disagreements about imposed restrictions on big tech companies. A report from Reuters says the EU is yet to agree on the terms for allowing big tech to operate as secure and trusted vendors.
4. More about cybersecurity on our blog
There's a new warning from Interpol about the global growth of AI-driven financial crimes. One problem area is the rise of so-called pig-butchering scams, which often involve exploiting vulnerabilities that arise in human relationships. The scams also usually involve cryptocurrencies, which not all law enforcement agencies have the capacity to trace.
A critical lack of cybersecurity professionals is leaving us all vulnerable to online criminals. The Forum has identified a skills gap running to 4 million people required to fill digital security roles. We are working with partners in the public and private sectors to close the digital skills gap.
More on CybersecuritySee all
Sean Doyle and Natalia Umansky
November 26, 2024