AuditBoard Live Webinar banner advert Diligent One Platform World tour ad April 2024 TeamMate ESG advertising banner 2023

Web attacks make finance the most targeted sector in EMEA

Finance is once again the most attacked sector in EMEA, according to a report by security company NTT Security. An increase in the number of web attacks on financial organisations pushed business and professional services into second place.

The 2019 Global Threat Intelligence Report (GTIR) found that financial sector organisations were the target for 30 per cent of all attacks – compared to 17 per cent globally. Business and professional services, which was last year’s most attacked sector, received 24 per cent of attacks.

The report analysed attacks against 18 industry sectors. After the finance sector and business and professional services, the most attacked sectors were technology (17 per cent) and manufacturing (9 per cent) in EMEA. Web application attacks were largely to blame, accounting for over 43 per cent of hostile activity against these sectors, well above the global average of 32 per cent.

The finance industry in EMEA saw web attacks almost double from 22 per cent to 43 per cent over the past year. Similarly, manufacturing experienced a massive surge in web attacks (rising from 9 per cent to 42 per cent), although the overall attack volume across EMEA decreased.

“Some of the most prevalent activity in EMEA during the past year was related to web-application attacks – and it’s not surprising. These attacks most often rely on leveraging an exposed unpatched vulnerability or misconfigured system, targeting organisations with high volumes of sensitive data," commented Kai Grunwitz, SVP NTT Security EMEA. "The consequences could be devastating as it could be used for financial gain, industry superiority or corporate espionage."

The survey also found that attacks from sources within China against all targets in EMEA dropped nearly 40 per cent to 13 per cent – following closely behind the United States at 16 per cent. This does not mean the actual attacker has changed; rather the source of the attacks has changed. The top five attacked sectors in EMEA experienced more attacks from within EMEA than from any other region (75 per cent). This supports the common notion that attackers tend to leverage attack sources near their targets, an observation which was demonstrated more strongly in EMEA than other regions.

This article was first published in April 2019.