• 55% of UK businesses report cyber-attacks in 2019.
  • Clickjacking is the most common form of hacking in education (66%).
  • For Government-owned and retail/hospitality businesses, burrowing malware is most common.
  • Denial of service (DDOS) hacking techniques are used most against technical services (58%).

More than half of UK businesses have reported cyber-attacks in 2019.

And recent threats to Britain’s nuclear industry proves no-one is safe.

Is each industry susceptible to a certain type of hacking?

Specops Software sought to find out. Individuals from a range of sectors were asked whether they/their company had experienced a cyber-attack in the past 5 years (or since launch).

1,731 respondents were enlisted. Of these, they were then asked to choose which forms of hacking* they have been victim to.

What is the most common cyber-attack per industry?

The most prevalent hacking technique in each industry can be revealed below and in the graphic:

  • Advertising/Marketing/PR/Media – Waterhole attacks (59%)
  • Business/Finance/Legal – Macro malware (in documents – 51%)
  • Education – Clickjacking (UI Redress – 66%)
  • Government – Burrowing malware (37%)
  • Healthcare – Man-in-the-Middle (MITM) attacks (62%)
  • Miscellaneous Other – Phishing (71%)
  • Retail/Hospitality – Burrowing malware (44%)
  • Technical Services – DDOS (Denial of Service – 58%)

Respondents from each industry were asked further survey questions, detailing efforts companies take to combat future attacks, cyber-security training in the workplace and general risks to businesses – if you would like to see this for a specific sector, please get in touch.

To combat future attacks, Specops Software’s Cyber Security Expert Darren James has provided his top tips:

  1. Always update – This includes antivirus software. Programmes are constantly updated, and every update provides vital patches/bug fixes. Missing any of these could expose a weakness to potential hackers.
  2. Nip it in the bud – at the first sign of strange activity (e.g. unusually large data usage, slow service, pop-ups, etc.), flag it – a superior will be able to carry out necessary checks and prevent a potential virus from worsening.
  3. Don’t believe everything you read – Many still fall for easy phishing scams and clickbait viruses, resulting in serious security breaches. Always question what is presented to you.
  4. If in doubt, refrain from clicking – it’s better to be safe than sorry. There’s no way to know the contents of a document/link before opening, especially as hackers adapt to the improving technological space. Ask for advice, but ultimately avoid it if you are unsure.

*Respondents chose from the following common hacking techniques: Bait and Switch, Browser Locker, Burrowing Malware, Clickjacking (UI Redress), Cookie Theft (Side Jacking/Session Hijacking), Denial of Service (DDOS), Eavesdropping/Passive Attacks, Fake WAP, Human Error, Internal Security Breaches, IoT Attacks, Keylogging, Macro Malware in Documents, Man-in-the-middle (MITM) Attacks, Phishing, Ransomware Attacks, Waterhole Attacks. – Respondents were offered small explanations to each hacking method to ensure choices were accurate and informed.

*If you would like to see stats for these possible choices, don’t hesitate to get in touch.

**If you would like to see survey results for other sectors involved, don’t hesitate to get in touch.

If you publish the research included in this release, you must credit Specops Software.