These industries suffered from Social Engineering attacks this year. Credentials, Personal and Internal data are the most commonly lost data varieties. Ransomware is also a major threat for these verticals.
546 incidents, 355 with confirmed data disclosure
Social Engineering, System Intrusion and Basic Web Application Attacks represent 98% of breaches
External (98%), Internal (2%) (breaches)
Financial (78%-100%), Espionage (0%-33%) (breaches) (breaches)
Credentials (94%), Personal (7%), Internal (3%), Other (3%) (breaches)
Top IG1 Protective Controls
Security Awareness and Skills Training (14), Access Control Management (6), Account Management (5)
Mining, Quarrying, and Oil & Gas Extraction + Utilities
- 2021 DBIR
- DBIR Master's Guide
- Results and Analysis
- Incident Classification Patterns
- Data Breach Statistics By Industry
- Accommodation Food Services
- Entertainment Data Breaches
- Educational Services Data Breaches
- Financial Services Data Breaches
- Healthcare Data Breaches Security
- Information Industry Data Breaches
- Manufacturing Data Breaches
- Energy Utilities Data Breaches
- Professional Technical Scientific Services
- Public Administration Data Breaches
- Retail Data Breaches Security
- SMB Data Breaches Deep Dive
- Introduction by Regions
- Year in Review 2021
- 2021 DBIR Corrections
- Download the full report (PDF)
While most of us do not have to think about how to extract precious metals and minerals, or how to generate electricity and manage the complex infrastructure required to power up your PlayStation 5 (if you could find one), the folks in these industries have to do all those things on a daily basis. Not only must they combat various environmental threats, like thunderstorms, broken pipes and squirrels, but they also face threats from the cyber world. Let us dig into the industries that have made our modern connected world possible, despite how that modern connected world tries to bite the hands that feed them.
These industries do not differ vastly from other industries in regard to the top three patterns. However, the breakdown of these patterns does vary. In this sector, Social Engineering seems to be dominating both breaches and incidents this year, with sustained phishing campaigns occurring against some organizations (Figure 112). Social Engineering accounts for 86% of the breaches in this vertical, followed by System Intrusions and Basic Web Application Attacks.
The next most common type of attack is Ransomware, which accounts for 44% of non-Social Engineering attacks in this industry.
Let's get started.
Choose your country to view contact details.
- Select Country...
- United States
- Costa Rica
- Hong Kong
- New Zealand
- United Kingdom
- United States
Call for Sales.
Or we'll call you.