Healthcare and education are the sectors most vulnerable to cyber-attacks. This is according to H2 2021 data from the UK’s Information Commissioner’s Office (ICO), analyzed by CybSafe. This followed an earlier examination of H1 2021 ICO data by the cybersecurity firm.
In total, healthcare and education made up more than a third (34%) of security incidents last year, a 1% rise compared to 2020. The data revealed a significant increase in ransomware attacks targeting the education sector, rising from 19% in 2020 to 22% in 2021. This was particularly profound in the first half of 2021 (26%).
Despite this, the retail and manufacturing sector faced twice as many attacks as either of these industries, experiencing 20% of all attacks in H2 2021. Interestingly, the analysis revealed that ransomware attacks targeting retail and manufacturing superseded phishing for the first time last year. Ransomware made up 27% of all attacks, up from 23% in 2020, with phishing attacks falling from 31% to 26%.
Overall, the ICO data found that phishing continues to be the most common attack vector, at just under 30%, although ransomware is a growing threat to all industries.
Oz Alashe, CEO of CybSafe, said: “The ICO data tells a clear story. The pandemic saw a steep rise in ransomware attacks. With important sectors such as education and healthcare seeing a sustained level of cyber-threats throughout the last year, we need to go beyond standard security training practices.
“To embody a security-first culture, the human aspect of cybersecurity shouldn’t be underestimated. If we want to invoke genuine behavior change, the first step is to appreciate individuals responding differently to threats, and personalization is crucial to building an authentic security-first culture.
“Appreciating differences in teams means you can deliver tailored security initiatives. The result is greater employee confidence, changes in security behavior and ultimately a defense against such malicious threats that will only grow in importance over the coming years.”
The figures tie in with other research about rising ransomware attacks last year. A recent survey by Obrela found that 81% of UK healthcare organizations suffered a ransomware attack in 2021, while the National Cyber Security Centre (NCSC) issued a warning about surging ransomware attacks targeting the education sector.