Obrela Security Industries releases its Digital Universe Study every quarter, which is a roundup of the attacks targeting our customers from the last three months.
The study runs a comparison against the previous quarter and the same quarter of the prior year to understand how attacker techniques are changing, which industries are facing the most attacks, and what within the technology stack is being targeted most frequently.
Highlights from our Q3 data reveals:
Putting the numbers into perspective
When it comes to attack data, Q3 is generally one of the quietest times, and this generally points to the fact that seasonal factors, like summer holidays, impact the attack landscape.
However, our data shows that there is still a lot of threat activity during the summer months, so it is not a time to get complacent.
One of the most noticeable findings from our Q3 data is the increase in attacks on the construction industry. This could be down to the easing of COVID restrictions and because many construction projects were put on hold last year. It also points to the fact that attackers continue to ‘go where the money is’. When construction projects stopped, attackers no longer saw the sector as a lucrative target, but as work started to pick up again, so did cyberattack activity.
Once again, we also saw oil and gas hit hard, with an 84 per cent increase in attacks on their cloud environments. It has only been recently that industrial organisations have started to migrate to the cloud, and as more organisations leap, we can expect to see more attacks.
The good news is that operational technology (OT) attacks in oil and gas did decline in Q3, with a 91% drop compared to the previous quarter. However, this is unlikely to be a trend, given that OT presents one of the most frequently used attack paths into industrial organisations.
When it comes to protecting against today’s cyberattacks, organisations must take a risk-based approach to their security defences and always focus on resilience. What is the worst-case scenario for you? What are you doing to protect against it? Once you have identified that worst-case situation, please put all your efforts into hardening your systems to minimise the damage it could create.
Regardless of where attacks are coming from or where they are targeting your technology stack, resilience should always be the focus. Harden systems, think about risks, and most importantly, never let your guard down.