The finance sector faces elevated risk due to rising technology adoption. But the data from the NTT 2018 Global Intelligence Threat Report by Dimension Data shows that attacks against the finance sector have fallen almost by half to 26 per cent in 2017 from a high of 46 per cent in the earlier year, although it continued to remain the most attacked sector in APAC.

The report further highlights that the attacks against the education sector in the APAC region doubled from 9 per cent in 2016 to 18 per cent in the following year. Brute force attacks were found to have been used by cybercriminals to gain unauthorised access to education and retail businesses.

“Brute force and distributed denial of service are fairly basic types of attacks, which are often successful as the targets do not employ basic counter measures such as complex password and two-factor authentication,” explained Murtaza Bhatia, National Business Manager, Cyber Security, Dimension Data.

Attacks on the technology, retail and government sectors were lower at 16, 15 and 13 per cent respectively. Attacks on the manufacturing sector registered a sharp decline from 32 per cent in 2016 to 7 per cent the following year, and this was despite recognition of the region as a massive manufacturing hub.

The study noted that this was in stark contrast to the increase in manufacturing sector attack trends targeting the EMEA, and growing adoption of IoT devices posed a challenge because security practices were only starting to be implemented by IoT vendors.

Summarising the findings, Bhatia said cyber attacks in the APAC region over the last year pointed to discord between advancing technology adoption and lagging security maturity, creating opportunities for lower level attackers to instigate breach attempts across the region.

Industry should adopt best security frameworks to improve security postures, be proactive in raising their defences, invest heavily in end-point controls, patch and vulnerability management to reduce surface attacks and usher in regulation of access to systems. The APAC region should invest in security culture changes, Bhatia advised.