Tuesday, November 5, 2024

New study reveals the features that make a company most attractive for hackers

The go-to targets for cybercriminals have been revealed, and a private small company from the United Kingdom operating in the retail field would definitely be one of them, according to the latest study by NordPass.

In partnership with NordStellar, NordPass evaluated nearly 2,000 data breach incidents worldwide from the past two years, extracting insights on which companies are most likely to experience a cybersecurity breach. Experts ranked companies based on their likelihood for a breach depending on their industry, size, company type, and country of registration.

“While small retail companies are highly attractive, other profiles are no less appealing for hackers. This analysis helped us illustrate which businesses face higher risks and explain what measures can be taken to avoid them,” says Karolis Arbaciauskas, head of business development at NordPass.

Retail and technology sectors are in the line of fire

Among the data security incidents investigated by experts, most occurred in the retail industry (95 incidents). The second most breached sector is technology, with 56 incidents recorded in the past two years.

The top 10 most attractive industries also include more specific technology-related sectors, such as internet and web services, IT services and consulting, software development, and computer hardware development.

According to Arbaciauskas, these results are rather surprising, given that many think that the technology or IT sectors are less vulnerable and are better equipped against threats online. However, the reality is that hackers see technology firms as an appealing target — even if the company is equipped with high-end IT solutions, human mistakes can still occur. Therefore, companies should choose tools that eliminate possible risks, invest in employee training, and carefully evaluate their cyber preparedness.

The United Kingdom is the third most affected market

The study reveals that companies operating in the United States get the most attention from hackers, with almost a quarter of businesses (489) investigated for this research registered there. The United Kingdom (73) also got into the top of the list and ranked third after India (114). Among the countries in the European Union, Spain and France are more appealing to hackers than others.

“It’s natural that bigger countries are in the spotlight, given that hackers see a lot of opportunities there. However, no country is resilient to cyber threats and this is important to stress. It is up to businesses themselves to ensure their own and their clients’ security online, no matter their address,” says Arbaciauskas.

SMBs aren’t too small for hackers

In terms of company size, hackers seem to prefer small and medium businesses (SMBs). In the past two years, the absolute majority of investigated breached companies had up to 200 employees. Arbaciauskas explains that the problem could simply lie in SMBs underestimating their value to hackers.

“There are targeted attacks, yes, but hackers often go for much broader scope activities, such as credential stuffing, dictionary or rainbow attacks that do not choose their victims. Because of employees’ reused and poor passwords, or downloaded malware, company credentials appear in the leaked credentials’ databases, which gives a chance for hackers to break in. For smaller companies, a data breach is a risk for business closure — financial costs and reputational damage carry significant aftermath effects,” says Arbaciauskas.

Having investigated the company types that fall under the hackers’ radar the most, NordPass concluded that private businesses are targeted most often. As much as 85% of the analyzed data breaches were against such companies.

What should you do if your business profile falls under this study?

According to Arbaciauskas, any organization, no matter its size or type, should be cautious of its cybersecurity. Employing critical tools such as password managers that allow for secure management of company credentials and accesses, or virtual private network (VPN) solutions is a first step towards better resilience against the threats online.

In addition, cybersecurity auditing is helpful to spot weaknesses in a company’s IT infrastructure and prepare resilience strategies. It is also critical to invest in the overall cybersecurity awareness raising among the organization to avoid human mistakes that often lead to serious data breaches.

A message from the Editor:

Thank you for reading this story on our news site - please take a moment to read this important message:

As you know, our aim is to bring you, the reader, an editorially led news site and magazine but journalism costs money and we rely on advertising, print and digital revenues to help to support them.

With the Covid-19 pandemichaving a major impact on our industry as a whole, the advertising revenues we normally receive, which helps us cover the cost of our journalists and this website, have been drastically affected.

As such we need your help. If you can support our news sites/magazines with either a small donation of even £1, or a subscription to our magazine, which costs just £31.50 per year, (inc p&P and mailed direct to your door) your generosity will help us weather the storm and continue in our quest to deliver quality journalism.

As a subscriber, you will have unlimited access to our web site and magazine. You'll also be offered VIP invitations to our events, preferential rates to all our awards and get access to exclusive newsletters and content.

Just click here to subscribe and in the meantime may I wish you the very best.








Latest news

Related news