Verizon 2018 Data Breach Investigations Report

As technology evolves, so too do cybercriminals looking to leverage and exploit it for their own nefarious purposes. Consequently, businesses must constantly refine their cybersecurity strategies to stay one step ahead—a practice that can be difficult to maintain without sufficient funding and resources.

The recently published Verizon 2018 Data Breach Investigations Report (DBIR) offers a detailed, statistics-driven view into thousands of real-world data breaches and security incidents. Behind the numbers, this annual report gives organizations harrowing stories, genuine insights and valuable takeaways regarding cybersecurity and cybercrime.

To help business leaders and solutions providers stay on top of the cybersecurity landscape, here are three important trends to keep an eye on, based on findings from this year’s report.

 

The Surge in Social Attacks

Human error is one of the biggest weaknesses exploited by cybercriminals, and 17% of the tactics they utilize come in the form of social attacks. In the DBIR, social attacks were classified in two forms:

 

Phishing

Phishing is the crafting of a message designed to influence the recipient to “take the bait” via a simple mouse click. That bait is most often a malicious attachment or link to a page that will request credentials or drop malware. While the vast majority of people don’t click on phishing scams, an average of 4% will.

 

Pretexting

Pretexting is the creation of a false narrative to obtain information or influence behavior. To differentiate it from phishing in the 2018 DBIR, pretexting was reserved for cases that included a level of dialogue between the attacker and victim.

The two scenarios most common in pretexting attacks were those targeting finance or HR employees. Finance employees received emails from attackers impersonating executive leadership, and were manipulated into transferring them money. HR staff received emails from impersonators goading them into giving up coveted W-2 data that included valuable personal information.

To prevent social attacks from occurring, businesses can conduct role-playing games that put employees through real-life phishing and pretexting scenarios to increase their level of skepticism. IT departments should also continually test their ability to react quickly and efficiently to limit the impact of a successful scam.

 

The Rise of Ransomware

In the past five years, ransomware has emerged as a significant threat for almost every major industry. Gaining access through various phishing techniques targeting employees, this malicious software holds a companies’ critical business systems and data hostage until a certain sum is paid to the attacker.

Last year, ransomware was the fifth most prevalent type of malware involved in security incidents. In 2018 it rose to the top, with its code being found in 39% of cases where malware was identified. This troubling trend isn’t going anywhere soon—ease of deployment, low risk and low cost allow even the most amateur cybercriminal to cause serious damage.

Preventative controls regarding defense against ransomware installation are critically important. Businesses should conduct routine backups to ensure they have something to fall back on in the case of an attack. As a best practice, IT leaders should separate assets that are more critical in order to protect and prioritize them with regard to business continuity.

 

Prevent and Protect

A cybercriminal can compromise a business system in a matter of minutes, if not seconds. It doesn’t take them much longer to extract the valuable data they’re looking for.

On the flip side, 68% of businesses took months or longer to discover they’d been breached, and it’s often a third party – like law enforcement or a partner – that alerts the company to the attack. Even worse, many breaches are spotted by the organization’s own customers, causing invaluable damage to brand reputation.

To help keep your systems and data secure, here are a few preventative measures your business can take:

•Stay vigilant. Use log files or change management systems to get early warnings of a security compromise.

•Train your people.Your employees might not know the full extent to which cybersecurity can affect their work. Get them on board by teaching them how to spot and react to signs of an attack.

•Keep data close.Limit access of sensitive business data and systems to the people who need it to do their job, and have a process in place to revoke it when they change roles.

•Update often.Guard against several common threats by simply keeping your company’s anti-virus software up to date.

•Encrypt data.By encrypting your data, it’s rendered useless if stolen by a cybercriminal.

•Use two-factor authentication.If an employee’s credentials are stolen or lost, two-factor authentication can limit the damage done to the company as a whole.

•Invest in offline security.Surveillance cameras and entry systems for restricted areas prevent criminals from tampering or stealing sensitive material.

 

To read an executive summary of the Verizon 2018 Data Breach Investigations Report, click here. If you have questions on how to better protect your enterprise customers from common cyber threats, send us a message to get in touch with a security expert on our team.

As technology evolves, so too do cybercriminals looking to leverage and exploit it for their own nefarious purposes. Consequently, businesses must constantly refine their cybersecurity strategies to stay one step ahead—a practice that can be difficult to maintain without sufficient funding and resources.

The recently published Verizon 2018 Data Breach Investigations Report (DBIR) offers a detailed, statistics-driven view into thousands of real-world data breaches and security incidents. Behind the numbers, this annual report gives organizations harrowing stories, genuine insights and valuable takeaways regarding cybersecurity and cybercrime.

To help business leaders and solutions providers stay on top of the cybersecurity landscape, here are three important trends to keep an eye on, based on findings from this year’s report.

 

The Surge in Social Attacks

Human error is one of the biggest weaknesses exploited by cybercriminals, and 17% of the tactics they utilize come in the form of social attacks. In the DBIR, social attacks were classified in two forms:

 

Phishing

Phishing is the crafting of a message designed to influence the recipient to “take the bait” via a simple mouse click. That bait is most often a malicious attachment or link to a page that will request credentials or drop malware. While the vast majority of people don’t click on phishing scams, an average of 4% will.

 

Pretexting

Pretexting is the creation of a false narrative to obtain information or influence behavior. To differentiate it from phishing in the 2018 DBIR, pretexting was reserved for cases that included a level of dialogue between the attacker and victim.

The two scenarios most common in pretexting attacks were those targeting finance or HR employees. Finance employees received emails from attackers impersonating executive leadership, and were manipulated into transferring them money. HR staff received emails from impersonators goading them into giving up coveted W-2 data that included valuable personal information.

To prevent social attacks from occurring, businesses can conduct role-playing games that put employees through real-life phishing and pretexting scenarios to increase their level of skepticism. IT departments should also continually test their ability to react quickly and efficiently to limit the impact of a successful scam.

 

The Rise of Ransomware

In the past five years, ransomware has emerged as a significant threat for almost every major industry. Gaining access through various phishing techniques targeting employees, this malicious software holds a companies’ critical business systems and data hostage until a certain sum is paid to the attacker.

Last year, ransomware was the fifth most prevalent type of malware involved in security incidents. In 2018 it rose to the top, with its code being found in 39% of cases where malware was identified. This troubling trend isn’t going anywhere soon—ease of deployment, low risk and low cost allow even the most amateur cybercriminal to cause serious damage.

Preventative controls regarding defense against ransomware installation are critically important. Businesses should conduct routine backups to ensure they have something to fall back on in the case of an attack. As a best practice, IT leaders should separate assets that are more critical in order to protect and prioritize them with regard to business continuity.

 

Prevent and Protect

A cybercriminal can compromise a business system in a matter of minutes, if not seconds. It doesn’t take them much longer to extract the valuable data they’re looking for.

On the flip side, 68% of businesses took months or longer to discover they’d been breached, and it’s often a third party – like law enforcement or a partner – that alerts the company to the attack. Even worse, many breaches are spotted by the organization’s own customers, causing invaluable damage to brand reputation.

To help keep your systems and data secure, here are a few preventative measures your business can take:

•Stay vigilant. Use log files or change management systems to get early warnings of a security compromise.

•Train your people.Your employees might not know the full extent to which cybersecurity can affect their work. Get them on board by teaching them how to spot and react to signs of an attack.

•Keep data close.Limit access of sensitive business data and systems to the people who need it to do their job, and have a process in place to revoke it when they change roles.

•Update often.Guard against several common threats by simply keeping your company’s anti-virus software up to date.

•Encrypt data.By encrypting your data, it’s rendered useless if stolen by a cybercriminal.

•Use two-factor authentication.If an employee’s credentials are stolen or lost, two-factor authentication can limit the damage done to the company as a whole.

•Invest in offline security.Surveillance cameras and entry systems for restricted areas prevent criminals from tampering or stealing sensitive material.

 

To read an executive summary of the Verizon 2018 Data Breach Investigations Report, click here. If you have questions on how to better protect your enterprise customers from common cyber threats, send us a message to get in touch with a security expert on our team.