MOSCOW, Nov 14 According to a study by MTS RED (part of MTS PJSC, MOEX: MTSS), the average monthly frequency of attacks on Russian companies has increased by 28% and amounted to more than 4 thousand incidents since the beginning of the second half of this year, the organization’s press service reports.
Thus, from July to October of this year, over 17 thousand cyber attacks were recorded – almost the same number were detected in the entire first half of 2023. Analysts also note an increase in the number of highly critical attacks that can lead to prolonged interruption of business processes or financial damage amounting to more than one million rubles. The number of such attacks has already exceeded the figures for the first half of the year; their share of the total volume of information security incidents in companies was 26%, which is four percentage points more than in the first six months of this year.
Hackers most often attack IT companies ( 37%), industrial enterprises (18%) and healthcare organizations (15%). While information technology and industry have been the focus of hackers before, this is the first time that medical organizations have experienced such a volume of cyber attacks.
As stated in the report, in the second half of the year, more than 2.5 thousand cyber attacks were committed on healthcare organizations; in 13% of cases, companies faced serious, highly critical incidents. In the vast majority of cases, they were associated with attempts to infect the infrastructure of medical organizations with malware – ransomware, Trojans with the function of stealing information, etc.
“We see the reason for the increase in cyber attacks on medical organizations is that, on the one hand, they process large volumes of personal data of citizens, on the other hand, they are often less protected than organizations in other areas of activity. We can predict that in the near future it will be medical institutions become a source of new personal data leaks,” said Andrey Dugin, director of the cybersecurity services center at MTS RED, quoted by the press service.
Although the volume of attacks on most industries remains at the level of the first half of 2023, the monthly average attacks on retail and e-commerce organizations have decreased significantly. According to a study by MTS RED SOC, they began to be attacked almost 70% less often.
However, retail, along with telecommunications and industry, remains one of the highest priority targets for highly professional hacker groups. During the study period, in 31% of cases, attacks on retail and e-commerce organizations were critical in terms of possible damage to business, the report says.
Industry and telecommunications also remain on the list of industries most often subject to complex attacks. In the second half of 2023, the share of such attacks on industry was 35%, which is 11 percentage points higher than in the first half of the year. In the telecommunications industry, this figure reached 90%, with an increase of nine percentage points.