Mobile

5/10/2017
03:25 PM
50%
50%

'Systemic' Cyberattack Most Likely to Hit Financial, Energy Sectors

The financial services industry is among the top five industries that likely face a systemic cyberattack, according to a survey released today.

A systemic cyberattack attack that simultaneously affects multiple companies is likely to occur this year, with the financial services industry ranked at the top of the list of targeted sectors, according to a survey released today by American International Group (AIG).

AIG queried 70 cybersecurity, technology, and insurance professionals, in the study, and found that the industries most likely to face a systemic attack this year are:

  • financial services, with financial networks and transaction systems at greatest risk (19%)
  • power and energy, with the Internet infrastructure a likely target (15%)
  • telecommunications and utilities, with the power grid at risk (14%)
  • healthcare, with the healthcare system a likely target (13%) 
  • information technology, with software and hardware organizations getting hit, thus disabling the backbone of the digital economy (12%)

More than half of the survey respondents believe a simultaneous attack will occur involving five- to 10 companies, while one-third of those surveyed believe there is more than an even chance that as many as 50 companies will be attacked simultaneously. As for the remaining 20% of survey respondents, they think the number of companies that could be attacked at once could reach into as many as 100 businesses.

Read more about the survey here.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
RahulB593
50%
50%
RahulB593,
User Rank: Apprentice
5/11/2017 | 2:58:30 AM
cyber attack
This articles are truly great. very informative post.
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
The Year in Security 2018
This Dark Reading Tech Digest explores the biggest news stories of 2018 that shaped the cybersecurity landscape.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2016-10739
PUBLISHED: 2019-01-21
In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the possib...
CVE-2019-6499
PUBLISHED: 2019-01-21
Teradata Viewpoint before 14.0 and 16.20.00.02-b80 contains a hardcoded password of TDv1i2e3w4 for the viewpoint database account (in viewpoint-portal\conf\server.xml) that could potentially be exploited by malicious users to compromise the affected system.
CVE-2019-6500
PUBLISHED: 2019-01-21
In Axway File Transfer Direct 2.7.1, an unauthenticated Directory Traversal vulnerability can be exploited by issuing a specially crafted HTTP GET request with %2e instead of '.' characters, as demonstrated by an initial /h2hdocumentation//%2e%2e/ substring.
CVE-2019-6498
PUBLISHED: 2019-01-21
GattLib 0.2 has a stack-based buffer over-read in gattlib_connect in dbus/gattlib.c because strncpy is misused.
CVE-2019-6497
PUBLISHED: 2019-01-20
Hotels_Server through 2018-11-05 has SQL Injection via the controller/fetchpwd.php username parameter.