Download the full 2018 annual report here
Cyber attacks continued to grow in intensity in 2018, with alarming new trends evident. First, government agencies are now being attacked more frequently. The March 2018 attack on computers and networks in Atlanta—a major national transportation hub—was the largest successful ransomware cyber attack on a U.S. city. In the private sector, aerospace, hi-tech, life sciences, metals, mining and natural resources companies experienced cyber attacks in 2018. The medical device segment in particular was recognized as an industry in which cyber attacks on manufacturers could pose threats to patients. After cybersecurity vulnerabilities were identified in the Internet connections used by Medtronic to update software in cardiac implantable electrophysiology devices (CIEDs), the company issued a voluntary recall in collaboration with Food and Drug Administration. Following this event the Healthcare Sector Coordinating Council, a joint group on security issues between industry and government, published a joint security plan addressing the challenges faced by medical devices. Similarly, a computer virus attack at Taiwan Semiconductor Manufacturing Company (TSMC) was caused due to a failure in following proper operating procedures for virus scanning.