Latest DBIR Report Reveals Worrying Data Breach Statistics

Posted: Sep 14, 2018
Share This:

The increasing adoption of technology and digital processes is proving to be somewhat of a double edged sword for businesses. While on the one hand, the digitization of industries such as healthcare, finance, and manufacturing is allowing organizations to implement more efficient processes, more streamlined communications, and more effective regulatory compliance strategies – often at a fraction of the cost of their legacy systems – it has also introduced many new vulnerabilities and threats; threats that organizations operating across all industries are struggling to contain.

According to the eleventh edition of Verizon’s highly anticipated Data Breach Investigation Report (DBIR), there were a total of 53,308 security incidents and 2,216 confirmed data breaches across 21 industries from 65 countries in 2017.

The data reveals that once again, cybercriminals are breeding success with the same tried and tested techniques, and their victims continue to make the same mistakes. The majority of attacks stem from opportunistic individuals who don’t necessarily set out to exploit the wealthy or famous, but the unprepared.

Ransomware rising

Ransomware attacks are the most potent cybersecurity threat affecting global organizations today, found in 39% of all malware related data breaches. What’s more, counts of ransomware have doubled since last year to reach a staggering total of 700 recorded incidents. Who knows how many incidents went unreported?

A deeper dive into the data reveals that email is consistently the most used entry point for ransomware attackers to carry out their malicious work, with 87% of breaches taking less than a few minutes to wreak havoc. To make matters worse, these attacks are penetrating critical business systems rather than just desktops, encrypting file servers and databases, and inflicting a greater amount of damage as a result. With this, the attackers’ ransom demands are on the rise as well.

Bryan Sartin, executive director security professional services at Verizon said that the issue is not helped by the fact that “businesses are still not investing in appropriate security strategies to combat ransomware, meaning they end up with no option but to pay the ransom”.

No industry is immune

It should come as no surprise that most (76%) cybercriminals are motivated by financial gain. If there’s some way their malicious activity can make money out of an organization and its data, they will find it – and they really don’t care where the money comes from.

The report offers a detailed breakdown of the number of incidents and breaches by industry and size, highlighting the level of threat posed by cybercriminals today – a harsh reminder that no organization can afford to sit comfortably.

Incidents and breaches by industry
Incidents and breaches by industry https://www.verizonenterprise.com/resources/reports/rp_DBIR_2018_Report_en_xg.pdf

Each industry faces a different mix of threats, but none are immune from cybercrime perpetration. The full report provides a great deal of insight into the risks each industry and organization faces, as well as offering guidance on the steps that can be taken to manage and mitigate the level of danger.

The need for employee education

The report highlights the need for organizations to carry out ongoing cybersecurity training with their staff, due to the human factor constantly proving to be a key vulnerability. And companies are nearly three times more likely to be breached by social attacks than via actual vulnerabilities, with financial pretexting and phishing representing 98% of these social incidents, and 93% of all breaches investigated within the report.

Worse still, is that employees continue to fall victim to these incidents. While most employees are wise to the ways of phishing, it only takes one click to compromise systems from within. The research shows that on average, 4% of the targets of phishing campaigns will click on a malicious link in an email. Clearly, employee education is not ‘one and done’ but a continuous process designed to instill a culture of security throughout the organization.

Organized crime and state-sponsored attacks

A single breach was often shown to stem from multiple attackers, but most notably, 72% of attacks were perpetrated by outsiders. Members of organized criminal groups were behind 50% of all breaches, with nation-state or state-affiliated actors involved in 12% of the activities. Not all culprits are outsiders though – over a quarter (28%) of attacks involved insiders. The report notes how insider threat is particularly difficult for organizations to guard against, due to the fact it can be incredibly difficult to spot the signs if someone is misusing their legitimate access to sensitive company data for unscrupulous purposes.

The healthcare industry stands out in this regard, since the majority of data breaches are attributed to insiders, possibly due to fun or curiosity when celebrity patient records are the target. Keeping logs of employee access and actually reviewing those logs on a regular basis can help to at least spot and eliminate malicious activity before it has gone too far.

Verizon’s Sartin went on to state “Companies need to continue to invest in employee education about cybercrime and the detrimental effect a breach can have on brand, reputation and the bottom line. Employees should be a business’s first line of defense, rather than the weakest link in the security chain. Ongoing training and education programs are essential. It only takes one person to click on a phishing email to expose an entire organization.”

Staying vigilant in 2018, and beyond

68% of breaches outlined in the report took months or longer to discover. In many cases, it is not even the organization itself that spots the breach, but rather a third party such as partner or law enforcement agency. Worst of all, many breaches are discovered by customers.

Cybercrime is not going away anytime soon, so businesses must be proactive in guarding every aspect of their digital environments. Maintaining secure communications is an essential part of this process; by educating employees about the risks posed by the common forms of communication such as email, text messaging, and traditional faxing – and through providing the right tools such as secure cloud fax services that allow documents to be exchanged outside the organization effectively and securely, organizations can help mitigate against the ever-evolving threat landscape.