Data breaches analysed
The results of the Data Breach Report of Verizon are very interesting, with many of the findings confirming what we’ve been seeing on the front lines for some time. The spread of breaches tied to cyber espionage is among the key findings of the Report. Nearly 2,000 breaches were analysed in this year’s report and more than 300 were espionage-related, many of which started life as phishing emails.
The report indicates that the primary motives for these attacks are to obtain sensitive personally identifiable information or proprietary information/intellectual property. For attacks aimed at educational institutions, valuable research data is the target.
Phishing is still a go-to technique: In the 2016 report, it was flagged that the growing use of phishing techniques linked to software installation on a user’s device. In this year’s report, 95 % of phishing attacks follow this process. 43% of data breaches utilised phishing, and the method is used in both cyber-espionage and financially motivated attacks.
The use of pretexting – which involves a persona and dialogue between the actor and victim rather than just a one-off email – was also on the rise, happening over email in 88% of financial sector incidents, and over the phone in 10%.
Basic security measurements
With 81% of hacking-related breaches leveraging either stolen passwords and/or weak or guessable passwords, getting the basics right is as important as ever before. Ensuring that software is patched, using two-factor identity authentication, encrypting sensitive data and segmenting the network to protect it are just basic measurements. But many organisations neglect these basic measures.
The report noted a 50% increase in ransomware attacks as compared to last year. Despite this increase and the related media coverage surrounding the use of ransomware, many organizations still rely on out-of-date security solutions and aren’t investing in security precautions. In essence, they’re opting to pay a ransom demand rather than to invest in security services that could mitigate against a cyber attack.