Another report today is indicating the steady growth of ransomware attacks, as well as the increasing danger of cyberespionage. According to Verizon, organizations in manufacturing, the public sector and education are frequent targets of cyberespionage.
At least 90% of 289 breaches stemming from espionage were associated with state-affiliated groups, followed by competitors and ex-employees. Expectedly, phishing was the most common attack vector employed to target victims for spying reasons.
The report also clarifies the difference between a breach and an incident. We are dealing with an incident when the integrity, confidentiality or availability of an information asset is compromised. A breach, however, is an incident followed by confirmed information exposure of data to an unauthorized party.
The 2017 Edition of Verizon’s Data Breach Investigations Report
The report is an edition of Verizon’s annual tradition to release statistics based on a vast analysis. This year’s analysis is based on more than 42,000 security incidents and 1,935 confirmed data breaches. The data is gathered from 84 countries. The research has been carried out with the help of 65 partners, making it quite an authoritative study on breaches and cyberespionage.
Phishing accounted for over a fifth of security incidents, or 21 percent, which is a considerable growth from last year (8%). As to why there is an increase in phishing, Verizon believes that more attackers have adopted the technique due to its high success rates. One in fourteen of phishing attacks were successful meaning that the targeted victim clicked on the malicious link or opened the attachment in the phishing email.
Phishing and Macro-Based Malware Continue to Be Favored
In addition, macro-based malware continues to be a threat, as opposed to spoofing which saw less attention as a technique.
Organized criminal groups were responsible for 51% of breaches and state-affiliated groups – for 18%. Not surprisingly, companies providing financial services were mostly targeted, where financial gain and espionage were the top causes of the attacks.
Ransomware continued to be an increasingly dangerous threat, with some industries going through more attacks. More particularly, the healthcare sector is cybercriminals’ favorite with 72% of all malware incidents in this sector due to ransomware.
Weak password security continues to be a top reason for many incidents. Four in five breaches related to hacking were successful due to a stolen, weak, or easy-to-guess password.