Who saw that coming?
In move that shocked faculty, staff and students alike, last year’s much lauded salutatorian, Basic Web Application Attacks, has dropped out (of the top three patterns). Miscellaneous Errors is still present (isn’t it always?) and has increased slightly from last year. As you may have guessed, these errors are the usual suspects: Misdelivery, Publishing errors and Misconfiguration.
Social Engineering clawed its way to the number three position, increasing from 14% last year to 21% in 2023 (Figure 52). This rise is primarily represented by Phishing attacks, which showed up in 18% of breaches, and Pretexting scenarios (4%).
Hacking was present in 40% of breaches, with use of stolen credentials appearing in 31% of them. Not to be outdone, malware also showed up in 40% of breaches, with Ransomware present in 30% of those breaches. Let’s review that finding for the exam: Ransomware was responsible for almost one-third of all breaches in the Educational Services vertical. In spite of this impressive showing from both Hacking and Malware, the System Intrusion pattern, while maintaining its number one spot, decreased slightly from last year.
