The Verizon 2017 Data Breach Investigation Report reveals that cyber espionage is now the most common type of attack seen in manufacturing, the public sector and now education, with much of this due to the high proliferation of proprietary research, prototypes and confidential personal data, which are “hot-ticket items” for cyber criminals.
Verizon also warns that organised criminal groups escalated their use of ransomware to extort money from victims, with its report showing a 50% increase in ransomware attacks compared to last year.
But, Verizon says that despite this increase and the related media coverage surrounding the use of ransomware, many organisations still rely on out-of-date security solutions and aren’t investing in security precautions.
“Insights provided in the DBIR are levelling the cyber security playing field,” says George Fischer, president of Verizon Enterprise Solutions.
“Our data is giving governments and organisations the information they need to anticipate cyber attacks and more effectively mitigate cyber risk. By analysing data from our own security team and that of other leading security practitioners from around the world, we’re able to offer valuable intelligence that can be used to transform an organisation’s risk profile”.
Major findings of the Verizon DBIR include:
- Malware is big business: 51% of data breaches analysed involved malware. Ransomware rose to the fifth most common specific malware variety. Ransomware — using technology to extort money from victims — saw a 50% increase from last year’s report, and a huge jump from the 2014 DBIR where it ranked 22 in the types of malware used.
- Phishing is still a go-to technique: In the 2016 DBIR, Verizon flagged the growing use of phishing techniques linked to software installation on a user’s device. In this year’s report, 95% of phishing attacks follow this process. A total of 43% of data breaches utilised phishing, and the method is used in both cyber espionage and financially motivated attacks
- Pretexting is on the rise: Pretexting is another tactic on the increase, and the 2017 DBIR showed that it is predominantly targeted at financial department employees – the ones who hold the keys to money transfers. Email was the top communication vector, accounting for 88% of financial pretexting incidents, with phone communications in second place with just under 10%.
- Smaller organisations are also a target: 61% of victims analysed were businesses with less than 1000 employees.
“Cyber attacks targeting the human factor are still a major issue,” says Bryan Sartin, executive director, Global Security Services, Verizon Enterprise Solutions.
“Cyber criminals concentrate on four key drivers of human behaviour to encourage individuals to disclose information: eagerness, distraction, curiosity and uncertainty. And as our report shows, it is working, with a significant increase in both phishing and pretexting this year.”
This year’s Verizon report provides tailored insights for key business sectors, revealing specific challenges faced by different verticals, and also answering the “who? what? why? and how?” for each. Key sector-specific findings include:
- The top three industries for data breaches are financial services (24%); healthcare (15%) and the public sector (12%).
- Companies in the manufacturing industry are the most common targets for email-based malware.
- About 68% of healthcare threat actors are internal to the organisation.
“The cyber crime data for each industry varies dramatically,” commented Sartin. “It is only by understanding the fundamental workings of each vertical that you can appreciate the cyber security challenges they face and recommend appropriate actions.”
With 81% of hacking-related breaches leveraging either stolen passwords and/or weak or guessable passwords, getting the basics right is as important as ever before, according to Verizon,.
“Our report demonstrates that there is no such thing as an impenetrable system, but doing the basics well makes a real difference. Often, even a basic defence will deter cyber criminals who will move on to look for an easier target," concludes Sartin.