The organizations 11th edition Data Breach Investigations Report (DBIR) is based on analysis of over 53,000 real world security incidents across 65 different countries, including 2,216 confirmed data breaches.
Unsurprisingly, the report found that cyber criminals are still taking advantage of the same methods and techniques they’ve been using for years, and we still find victims making the same mistakes year after year.
Verizon found that nearly three quarters (73%) of attacks were perpetrated by outsiders, with members of organizations crime groups involved in half those breaches, and nation state or state actors involved in 12%. But let’s not forget insiders; malicious employees are partially to blame. However, errors were at the heart of one in five breaches. These errors included things like failing to shred sensitive information, sending emails to the wrong person or misconfiguring web servers.
In this year’s report, Verizon found that ransomware was the most prevalent variety of malware, as it was found in 39% of all cases where malware was identified. The rise in ransomware attacks is due in part to is ease of deployment and effectiveness and also involves very little risk or costs to execute an attack. Cybercriminals are also moving away from encrypting single user devices and instead are looking to encrypt file servers or databases to create more damage and in turn, demand more ransom money.
Each industry holds different kinds of confidential information, from payment card data, personally identifiable information, intellectual property, to financial information. Similarly, each industry faced different kinds of security threats, so it’s important to understand which risks your industry faces to make best use of your security budget and mitigate these threats. Here are a few key findings by industry:
Accommodation & Hospitality: 90% of all breaches involved POS intrusions.
Healthcare: the only industry where the threat from inside is greater than that from the outside.
Manufacturing: 86% of attacks in the manufacturing industry are targeted; the target is often the planning, research, and development for a new solution. 47% of breaches involved the theft of intellectual property to gain competitive advantage.
Public: Cyber espionage was the motive for 44% of all breaches, with attacks usually involving phishing, installations and the use of backdoors.
Retail: web application attacks leveraging poor validation of inputs or stolen credentials were the leading factors behind data theft.
Education: Social engineering scams are targeting employees’ personal information, which is then used to commit identity theft.
The report found that 68% of all breaches took months or longer to discover. That’s bad news considering cybercriminals often compromise a system in a matter of minutes, sometimes even seconds. Even worse? Many of these breaches are spotted by customers or a third party, which can have a terrible impact on your brands reputation.
Plain and simple, it’s imperative your organization equipment your systems with defenses that are strong enough to send cyber criminals in the direction of an easier target. And while no defenses are truly 100% effective, if an attack is to get through, you need to be prepared to respond quickly and effectively. Verizon recommends staying vigilant by utilizing log files and change management systems that will give you an early warning sign of any security compromise. Limiting access to sensitive data and systems to only people who need it to do their jobs is another great recommendation. And lastly, patch your systems promptly; cyber criminals continue to see success in exploiting known vulnerabilities.