Retail and tech firms are hackers' most wanted targets – here's what you can do about it

Hackers target companies successful nan unit and exertion sectors nan most, particularly mini aliases mean firms based successful nan US.

These are nan main findings from caller investigation conducted by nan institution down TechRadar's best VPN provider, NordVPN. The squad astatine NordStellar (the provider's threat vulnerability guidance platform) and NordPass (its password manager service) person investigated almost 2,000 information breach incidents worldwide complete nan past 2 years to understand really cybercriminals take their victims.

"While mini unit companies are highly attractive, different profiles are nary little appealing for hackers," said Karolis Arbaciauskas, Head of Business Development astatine NordPass. "This study helped america exemplify which businesses look higher risks and explicate what measures tin beryllium taken to debar them."

Which businesses are hackers' favourite targets?

As mentioned earlier, Nord's research recovered that unit and exertion person been nan most-targeted sectors complete nan past 2 years, suffering a full of 95 and 56 attacks respectively.

Companies providing business services travel suit, pinch 51 data breach incidents counted during nan investigation play – August 31, 2022, and September 1, 2024.

The apical 10 hackers' most-wanted sectors besides see much circumstantial technology-related businesses, specified arsenic net and web services (36 attacks), IT services and consulting (35), package improvement (26), and machine hardware improvement (22). Entertainment, education, and finance were besides connected nan list, counting 34, 28, and 27 incidents respectively.

These results were surprising, Arbaciauskas explained, considering that nan tech and IT sectors are notoriously little susceptible and amended equipped against online threats. Yet hackers cognize that moreover if companies employment high-end IT solutions, quality mistakes tin still occur.

Besides circumstantial sectors, researchers were keen to find retired wherever highly targeted companies are based.

It doesn't travel arsenic a astonishment that US companies are nan ones getting nan astir attraction from hackers, amounting to almost a 4th of nan businesses appearing successful nan investigation (489). India (114) and nan United Kingdom (73) besides made it to nan apical three, followed by immoderate European countries – Spain and France.

Most remarkably, perhaps, Nord's findings show really cybercriminals for illustration attacking mini and mean businesses. The mostly of nan breached companies figured successful nan investigation (72%), successful fact, had up to 200 employees.

According to Arbaciauskas, this whitethorn beryllium because these firms underestimate their worth to hackers. "There are targeted attacks, yes, but hackers often spell for overmuch broader scope activities, specified arsenic credential stuffing, dictionary aliases rainbow attacks that do not take their victims," he said, adding that for smaller companies a information breach could moreover mean nan extremity of their businesses.

Private companies are besides nan biggest target, accounting for 85% of affected businesses.

How to protect your business from information breaches

As these findings intelligibly highlight, backstage and smaller business realities are nan ones astir astatine consequence of suffering a cyberattack. This is simply a stark reminder that each type of institution – nary matter its size – should person a beardown cybersecurity strategy successful place.

According to Arbaciauskas, it's captious to employment captious information devices crossed each areas of nan business. A reliable password head solution allows for unafraid guidance of institution credentials and accesses, for example.

A unafraid business VPN instrumentality is past nan first measurement towards amended resilience against online threats. That's because a virtual backstage web (VPN) encrypts your employees' net connections, preventing third-party entree to nan information leaving their activity devices.

He besides suggests carrying connected regular cybersecurity audits to thief you spot weaknesses successful nan company's IT infrastructure and hole resilience strategies. Similarly, companies should besides put successful cybersecurity training to raise consciousness and knowledge among labor to trim quality mistakes – often nan main backdoor into superior information breaches.