The findings show that Ransomware is the common type of malware found in 39% of all malware related data breaches, up 50% of last year’s DBIR and accounting for more than 700 incidents. Other findings indicate that Ransomware attacks are moving into business critical systems that encrypt file servers and databases, causing more damage and commanding bigger ransom requests.
Speaking on the report, George Fischer, president of Verizon Enterprise Solutions, said: “Businesses find it difficult to keep abreast of the threat landscape, and continue to put themselves at risk by not adopting dynamic and proactive security strategies. Verizon gives businesses data-driven, real-life views on the cyber-threat landscape, not only through the DBIR series but also via our comprehensive range of intelligent security solutions and services. This 11th edition of the DBIR gives in-depth information and analysis on what’s really going on in cybercrime, helping organizations to make intelligent decisions on how best to protect themselves.”
The report also shows that the human factor still continues to be a key weakness for companies. Employees are still falling for social attacks, in particular pretexting and phishing make up 98% of social incidents with 93% of all breaches investigated. In 96% of cases email is the biggest entry point and companies are three times more likely to get breached by social attacks than actual vulnerabilities in its system demonstrating the need for continuous cyber security education.
Pretexting incidents particular has been specifically targeted toward HR staff in order to try and get personal data to file fraudulent tax returns. 4% of people fall prey to phishing attacks, 72% of attacks are carried out by outsiders, 27% by internal actors, 2% involved partners and 2% include multiple partners.
Overall 68% of breaches took months to discover despite the fact that it took minutes for data to be compromised.
“Ransomware remains a significant threat for companies of all sizes. It is now the most prevalent form of malware, and its use has increased significantly over recent years. What is interesting to us is that businesses are still not investing in appropriate security strategies to combat ransomware, meaning they end up with no option but to pay the ransom – the cybercriminal is the only winner here! As an industry, we have to help our customers take a more proactive approach to their security. Helping them to understand the threats they face is the first step to putting in place solutions to protect themselves,” added Bryan Sartin, executive director security professional services at Verizon.
Looking at the biggest risks per industry, in Education social engineering targeting personal information is the biggest risk, as is highly sensitive research with 20% of attacks being driven by espionage, with a surprising 11% being done for fun.
In Finance and Insurance industries, payment card skimmers installed to ATMs is still the biggest threat but there is also a rise in ATM jackpotting which involves the use of fraudulently installed software or hardware to instruct the ATMs to release large sums of money.
Insider threats are the biggest risks to the Healthcare industry, posing a greater risk than external factors as well as human error which remains a major contributor to additional healthcare risks.
As for the Information sector DDoS attacks account for approximately 56% of incidents and in the Public sector cyber-espionage is the greatest concern with 43% of breaches, targeting both state-secrets and personal data, are motivated by espionage. DDoS attacks reached its peak in March with the two biggest recorded attacks to date, hitting 1.7Tbps.
“Companies also need to continue to invest in employee education about cybercrime and the detrimental effect a breach can have on brand, reputation and the bottom line. Employees should be a business’s first line of defense, rather than the weakest link in the security chain. Ongoing training and education programs are essential. It only takes one person to click on a phishing email to expose an entire organization,” continued Sartin.
The DBIR used collective data from 67 organisations around the world. In the 2018 edition 5,000 incidents, 2216 breaches from 65 countries were examined.