Technology was the industry most targeted by cybercriminals in 2019, accounting for 25% of all attacks, up from 17% last year. The sector was previously the second most attacked sector in 2017 and 2018, but 2019 saw a significant increase in application-specific DoS/DDoS attacks, as well as the militarization of IoT attacks helped make the technology the most used. attacked, according to Global Threat Intelligence of NTT Report. Matthew Gyde, Chairman and CEO of NTT Ltd's Security Division, said the tech sector has seen a 70% increase in overall attack volume. "The weaponization of IoT attacks has also contributed to the increase, and while there is no activity dominated by a single botnet, we have seen significant volumes of Mirai and IoTroop activity," he said. Botnets such as Mirai, IoTroop, and Echobot have advanced in automation, improving propagation capabilities, while Mirai and IoTroop also spread through IoT attacks, and then spread through analysis and subsequent infection of identified hosts. The report says that almost 55% of all attacks were perpetrated by application-specific attacks (33%) and web application attacks (22%). Of all the attacks targeting the technology, he said more than 15% of specific vulnerabilities allow remote code execution (RCE). (Image credit: NTT) Government was in second position, spurred largely by geopolitical activity accounting for 16% of threatening activity, and finance in third position with 15% of all activity. Business and professional services (12%) and education (9%) round out the top five. Gyde said attacks against government organizations have nearly doubled, including huge leaps in recognition and application-specific attacks, motivated by threat actors taking advantage of the rise of local and regional online services. provided to citizens. Unfortunately, she said, the same Internet-enabled applications provided additional opportunities for attackers. Furthermore, he said that attack volumes increased across all industries from 2018 to 2019. “In addition to application attacks, regional and local governments have suffered significant impacts from denial of service and ransomware attacks. These attacks can be difficult to hide from customers, and small government offices often don't have the resources available to deal with major outages. The automation and commodification of these attacks seems to have a direct effect on government organizations,” she said. The report showed that the tech industry had the highest rate of ransomware detected. NTT researchers found that 9% of all threat detections were ransomware; no other industry has shown detections for this category of malware higher than 4%. WannaCry ransomware was the most frequently detected variant, accounting for 88% of all ransomware detections, while 23% of detected malware belonged to the RAT malware family. The presence of these RATs suggests that threat actors are seeking access to technology organizations to maintain persistence and leak sensitive information over long periods of time, as they have done historically, according to the report.