Kaspersky Lab has found that targeted cyber attacks are on the rise year-over-year, and also identified the business sectors most likely to be targeted.
A survey of nearly 4,000 IT managers across 27 countries, revealed that 12% of all businesses reporting a targeted attack in 2013, has risen from the 9% average reported in 2013 and 2012.
A recent report, compiled by Intel-owned McAfee software, found that cyber-crime is having a significant economic impact on South Africa and the rest world, costing the country over R5.8 billion each year – a situation set to get worse.
Globally, 18% of organisations in the Government & Defense sector reported at least one targeted attack within the past 12 months.
The rate of targeted attacks reported within the Government & Defense sector was the highest reported in this year’s survey, a notable increase from the global average of 12% reported across all business sectors.
When looking at data across all business sectors, it’s also clear that targeted attacks are not just limited to the Government & Defense industry, Kaspersky said.
Other business segments have felt the brunt of targeted attacks at a higher-than-average rate, including the Telecommunications industry where 17% of businesses reported targeted attacks, and the Financial Services and Transportation & Logistics sectors, both of which reported targeted attacks within the last 12 months at a rate of 16%.
The increase in the prevalence of targeted attacks, both in volume and in types of businesses being targeted, comes at a time when high-profile targeted attacks are being uncovered at an alarming pace, Kaspersky said.
While the overall amount of data stolen from targeted attacks is lower than the losses that result from general malware attacks, it must be noted that general malware attacks themselves are much more common (an average of 61% of businesses reported malware attacks compared to an average of 12% reported targeted attacks).
However, the value of the data stolen from a targeted attack is much more likely to be highly valuable to the attackers, and the loss of this highly-sensitive data would cause more long-term damage to a company’s business outlook, Kaspersky pointed out.
A “targeted attack” typically consists of several malicious components that operate in tandem to bypass an organisation’s security measures, infect machines, and steal sensitive data.