ReliaQuest has launched its Annual Cyber Threat Report revealing the latest risks to organisations and how to guard against them – drawing attention to the construction sector as being the most targeted by cybercriminals . Mike McPherson , SVP of Technical Operations at ReliaQuest , offers his top tips for staying secure in an ever-evolving cyber landscape , but says there ’ s no ‘ silver bullet ’ to protecting the construction sector .

Key findings include :

• The construction sector ( with an average of 226 incidents annually ) is the most targeted by cybercriminals closely followed by transportation ( 167 ), wholesale trade ( 138 ), manufacturing ( 116 ) and retailers ( 105 ). These sectors are highly vulnerable to outages which may explain why they are more targeted by criminals .

• The most detected attack technique is the attempted exploitation of exposed remote services , such as Virtual Private Networks ( VPNs ) and remote desktop protocol ( RDP ).

• Initial Access Brokers ( IAB ) provide a route into the above and compromised remote desktop protocol ( RDP ) is the most commonly advertised on criminal forums with 24.4 % of all listings with an average price of US $ 1,000 but can fetch up to US $ 2,700 .

• Virtual Private Networks also allow attackers to gain access to organisations and commonly sold for an average of US $ 500 . However , these prices can vary by vertical sector with access to banking entities trading on average for US $ 5,500 but can reach as high as US $ 23,000 .

• The most common risk alert type is credential exposure – ReliaQuest alerted its customers to over 3 million exposed credentials over the period . However , marked document exposure , open ports , impersonating domains and subdomains remain a significant issue with approximately 400,000 incidents for each of these risk types remediated over the period .

• Ransomware remains the biggest risk facing business in 2023 – LockBit is

www . intelligentbuild . tech 29