Massive 2020 digitalization also exposed prey to cyber-predators: study.
With an unprecedented number of people working remotely last year, phishing and ransomware attacks increased by 11% and 6% respectively, according to one long-running retrospective study of global data breaches.
The report asserts that 61% of breaches involved credential data, and 95% of organizations that had suffered credential stuffing attacks had between 637 and 3.3 billion malicious login attempts through 2020).
Increased attacks on web applications due to the sudden rush to digitalize chalked up 39% of all breaches.
Drilling in the data
The data breach investigations report by Verizon analyzed 29,207 quality incidents across 12 industries, of which 5,258 were confirmed breaches from 83 contributors across the globe, a third more breaches analyzed than in previous years.
Some findings for the industries include:
- Financial & Insurance: Misdelivery (e.g., email to the wrong distribution list) represented 55% of financial sector errors. The sector frequently faces credential and ransomware attacks from external actors. Some 83% of data compromised in this sector’s breaches was personal data (vs 49% in professional, scientific and technical services)
- Healthcare: Basic human error continued to beset this industry as it has for the past several years. The most common error continued to be misdelivery (36%), whether electronic or of paper documents.
- Public administration – By far the biggest threat in this industry was the social engineer. Actors who can craft a credible phishing email were absconding with credentials data at an alarming rate in this sector.
- Retail trade – The retail industry continued to be a target for financially-motivated criminals looking to cash in on the combination of payment cards and personal information this sector is known for. Social tactics included Pretexting and Phishing, with the former commonly resulting in fraudulent money transfers.
Regionally, the trends were:
- Asia Pacific region: Many APAC breaches were caused by financially-motivated attackers phishing employees for credentials and then using the stolen data to gain access to mail accounts and web application servers.
- Europe, Middle East and Africa: This regioncontinued to be beset by Basic Web Application Attacks, System Intrusion, and Social Engineering.
- Northern America: This regionwas often the target of financially-motivated actors searching for money or easily monetizable data. Social Engineering, Hacking and Malware continued to be the favored tools utilized by actors therein.
Generally, 85% of breaches in the study involved a human element, while over 80% had been discovered by external parties. Breach simulations found the median financial impact of a breach to be US$21,659, with 95% of incidents falling between US$826 and US$653,587.
Said the firm’s CEO, Tami Erwin: “As the number of companies switching business-critical functions to the Cloud increases, the potential threat to their operations may become more pronounced, as malicious actors look to exploit human vulnerabilities and leverage an increased dependency on digital infrastructures.”
The report’s lead author, Alex Pinto, added: “It is tempting to think that the vast threats demand a sweeping and revolutionary solution. However, the reality is that, whilst organizations should prepare to deal with exceptional circumstances, the foundation of their defenses should be built on strong fundamentals that address and mitigate the threats most pertinent to them.”