This edition of the DBIR marks the fourth year we have examined cybercrime incidents from a macro-regional point of view. We hope our readers find this broader look at cybercrime useful and instructive. As previously mentioned, our visibility into a certain region is determined by many variables, including contributors, regional disclosure laws and our own data. If your part of the world is not featured in the following pages, please contact us about becoming a data contributor and motivate other organizations in your area to do the same so that we can keep growing and improving our coverage each year. Even if your region is not represented here, this does not mean we have no visibility into the region but rather that we don’t have enough incidents in that geography to have a statistically significant section.
We define the regions of the world in accordance with the United Nations M4958 standards, which combines the super-region and sub-region of a country together. By so doing, the regions we will examine are as follows:
APAC: Asia Pacific, including Southern Asia (034), South-eastern Asia (035), Central Asia (143), Eastern Asia (030) and Oceania (009)
EMEA: Europe, Middle East and Africa, including Northern Africa (015), Europe (150) and Eastern Europe (151) and Western Asia (145)
LAC: Latin America and the Caribbean, including South America (005), Central America (013) and Caribbean (029)
NA: Northern America (021), including the United States and Canada
As in previous years, we have sliced and diced our data in many ways, and this time we are presenting the data for the various regions a little differently. Long-time readers will recognize the At-a-Glance tables that we put in each major section, only in this case, we’ve combined them to give you an easy way to see just how similar (and different) each of the regions are with regard to the frequency, top patterns, etc.
Region
|
Frequency
|
Top patterns
|
Threat actors
|
Actor motives
|
Data compromised
|
APAC
|
699 incidents, 164 with confirmed data disclosure
|
Social Engineering, System Intrusion and Basic Web Application Attacks represent 93% of breaches
|
External (92%), Internal (9%), Partner (2%), Multiple (2%) (breaches)
|
Financial (61%), Espionage (39%), Convenience (2%), Grudge (2%), Secondary (1%) (breaches)
|
Internal (56%), Secrets (42%), Other (33%), Credentials (29%) (breaches)
|
EMEA
|
2,557 incidents, 637 with confirmed data disclosure
|
System Intrusion, Social Engineering and Basic Web Application Attacks represent 97% of breaches
|
External (98%), Internal (2%), Multiple (1%) (breaches)
|
Financial (91%), Espionage (8%), Ideology (1%), Fun (1%) (breaches)
|
Credentials (53%), Internal (37%), System (35%), Other (15%) (breaches)
|
LAC
|
535 incidents, 65 with confirmed data disclosure
|
System Intrusion, Social Engineering and Basic Web Application Attacks represent 94% of breaches
|
External (95%), Internal (5%), Partner (2%), Multiple (2%) (breaches)
|
Financial (93%), Espionage (11%), Ideology (2%) (breaches)
|
System (55%), Internal (32%), Classified (23%), Credentials (23%), Other (19%) (breaches)
|
NA
|
9,036 incidents, 1,924 with confirmed data disclosure
|
System Intrusion, Basic Web Application Attacks and Social Engineering represent 85% of breaches
|
External (94%), Internal (12%), Multiple (9%), Partner (2%) (breaches)
|
Financial (99%), Espionage (1%), Grudge (1%) (breaches)
|
Credentials (67%), Internal (50%), Personal (38%), Other (24%) (breaches)
|
58 https://unstats.un.org/unsd/methodology/m49/