Skip to content

The Top 6 Industries At Risk For Cyber Attacks

The Top 6 Industries At Risk For Cyber Attacks

No one with half a brain could deny that the cybersecurity situation is a big problem. Once scam artists the world over figured out that they could easily scam people from afar with little risk to themselves, there has been a relentless feeding frenzy. Even the average person will now frequently get calls and text messages from such low-rent criminals, so just imagine how bad it must be for a major company! Needless to say, some industries are targeted more often than others. Let’s look at the six industries that seem to be the most at-risk of cyber-attack.


You deserve to know where our information comes from, and you will be pleased to know it comes from a reputable authority. This report from IBM was written in 2020 and based on a very large survey of data.

1. Finance And Insurance

This makes a lot of sense, as these two sectors regularly deal with large amounts of cash on a remote basis. For banks and other financial institutions, that is pretty much a necessity. Because insurance companies also frequently need to pay out large amounts for covered services, there are more holes in the armor that criminals can exploit. It seems that IBM’s report has ranked this as the top threat for five years running. Here are the most common attacks for that industry:

  • 1. Server access hijacking
  • 2. Data theft
  • 3. “Other”
  • 4. Ransomware
  • 5. Insider threats (i.e., infiltration)

2. Manufacturing

Companies that manufacture finished goods are being targeted more than ever, as of 2020. In 2019, IBM’s report placed this industry as the eighth most vulnerable. However, it has now become the number-two most targeted industry. This makes sense as well, since many manufacturers are beginning to adopt IoT (“internet of things) devices. These are used to provide more precise remote control of manufacturing processes, so they can be very useful. However, because all of them are connected to the internet, each one represents a potential point of compromise.

Some others have theorized that hackers are targeting manufacturing more often so that they can gain greater access to the operational technologies that drive these plants. If that infrastructure is used elsewhere, it could provide them with easier access to protected data. Based on the report, these are the most common methods of attack for this industry:

  • 1. Ransomware
  • 2. Business email compromise
  • 3. Data theft
  • 4. “Other”
  • 5. DDos

3. Energy Companies

This is another category that jumped up quite a bit from last year. In 2019, this was considered to be the ninth-most vulnerable industry. Now, however, it has become number three on the list. Energy companies are being targeted more often for numerous reasons. Some of them have created a lot of public anger, particularly from environmentalists, and that can sometimes be a motivation for attacks like these.

When we look at these types of attacks, we can see that the majority of them involve data theft. In many cases, the energy companies are not the true targets at all. They are merely being hit because they store a large amount of personal information regarding their customers and associates. According to the report, these are the most likely types of attack for this industry:

  • 1. Data theft (by far)
  • 2. Business email compromise
  • 3. “Other”
  • 4. Remote-access trojans
  • 5. Credential harvesting

4. Retail

This industry has actually reduced its risk since last year, going from the second-most targeted industry to the fourth. Of course, that doesn’t mean that these threats are no longer a concern for retailers. Retailers do a lot of business with a lot of people, making it easier for one fraudulent transaction to get “lost in the shuffle.” Further, retailers often tend to have a lot of disinterested employees, who are more complacent and easier to trick.

Once again, we see a case in which hackers are often seeking information rather than some kind of payday. Retailers will often store a lot of personal data (particularly payment details). Thus, they make an appealing target for those who need a disposable identity. According to the report, here are the most likely methods of attack for this industry:

  • 1. Credential harvesting (by far)
  • 2. Ransomware
  • 3. Server access hijacking
  • 4. “Other”
  • 5. Worms

5. Professional Services

This is an industry that kept its risk the same over the previous year. In 2019, they were also the fifth-most targeted industry, but at least their risk doesn’t seem to be getting any worse. Obviously, this is a big category of businesses but they all have one key thing in common: They deal with smaller numbers of clients and they tend to deal more intimately with those clients as a result. This often means more information that can be stolen.

Ransomware was the biggest offender in this industry, which makes sense. Those who provide high-end professional services make their living based on their reputation. Thus, they are more likely to feel pressured enough to pay a ransomware hacker. According to the report, here are the most likely avenues of attack against the professional services industry:

  • 1. Ransomware (by far)
  • 2. Credential harvesting
  • 3. Server access hijacking
  • 4. Data theft
  • 5. Remote-access trojans

6. Government

This one is also easy to understand, as governments have access to plenty of money and information. Governments may not often be hacked for top-level state secrets, but that lower-priority data is not so well-protected. Local governments, in particular, have been targeted a lot in recent years, as they often don’t have the people or the budgets to combat such threats. According to the report, the most common types of attack for this industry are:

  • 1. Ransomware
  • 2. Data theft
  • 3. Other
  • 4. Business email compromise
  • 5. Misconfiguration


If you work in any of these vulnerable industries, you need the best cybersecurity that money can buy. PCH Technologies is the finest IT support provider in the nation and we are eager to prove that fact. Whether you need computer IT services or just some general tech advice, you can call us at (856) 754-7500.