TMCnet News
Money still makes the cyber-crime world go round - Verizon Business 2020 Data Breach Investigations Report is liveWhat you need to know:
NEW YORK, May 19, 2020 (GLOBE NEWSWIRE) -- The Verizon Business 2020 Data Breach Investigations Report (2020 DBIR) shows that financial gain remains the key driver for cybercrime with nearly nine in 10 (86 percent) breaches investigated financially-driven. The vast majority of breaches continue to be caused by external actors - 70 percent - with organized crime accounting for 55 percent of these. Credential theft and social attacks such as phishing and business email compromises cause the majority of breaches (over 67 percent), and specifically:
The 2020 DBIR also highlighted a year-over-year two-fold increase in web application breaches, to 43 percent, and stolen credentials were used in over 80 percent of these cases - a worrying trend as business-critical workflows continue to move to the cloud. Ransomware also saw a slight increase, found in 27 percent of malware incidents (compared to 24 percent in 2019 DBIR); 18 percent of organizations reported blocking at least one piece of ransomware last year. "As remote working surges in the face of the global pandemic, end-to-end security from the cloud to employee laptop becomes paramount," said Tami Erwin, CEO, Verizon Business. "In addition to protecting their systems from attack, we urge all businesses to continue employee education as phishing schemes become increasingly sophisticated and malicious." Common patterns offer a Defender Advantage The 2020 DBIR has re-emphasized the common patterns found within cyber-attack journeys, enabling organizations to determine the bad actors’ destination while they are in progress. Linked to the order of threat actions (e.g. Error, Malware, Physical, Hacking), these breach pathways can help predict the eventual breach target, enabling attacks to be stopped in their tracks. Organizations are therefore able to gain a “Defender’s Advantage” and better understand where to focus their security defenses. Smaller businesses are not immune The growing number of small and medium-sized businesses using cloud- and web-based applications and tools has made them prime targets for cyber-attackers. 2020 DBIR findings show that:
The 2020 DBIR now includes detailed analysis of 16 industries, and shows that, while security remains a challenge across the board, there are significant differences across verticals. For example, in Manufacturing, 23 percent of malware incidents involved ransomware, compared to 61 percent in the Public Sector and 80 percent in educational services. Errors accounted for 33 percent of Public Sector breaches - but only 12 percent of Manufacturing. Further highlights include:
Regional trends The 81 contributors involved with the 2020 DBIR have provided the report with specific insights into regional cyber-trends highlighting key similarities and differences between them. For example, financially-motivated breaches in general accounted for 91 percent of cases in Northern America, compared to 70 percent in Europe, Middle East and Africa and 63 percent in Asia Pacific. Other key findings include:
Alex Pinto, Lead Author of the Verizon Business Data Breach Investigations Report, comments: “Security headlines often talk about spying, or grudge attacks, as a key driver for cyber-crime - our data shows that is not the case. Financial gain continues to drive organized crime to exploit system vulnerabilities or human error. The good news is that there is a lot that organizations can do to protect themselves, including the ability to track common patterns within cyber-attack journeys - a security game changer - that puts control back into the hands of organizations around the globe.” About the DBIR The 2020 DBIR – its 13th edition - analyzed 32,002 security incidents, of which 3,950 were confirmed breaches; almost double the 2,013 breaches analyzed last year. These cases came from 81 global contributors from 81 countries, and the analysis also now covers 16 business sectors. The complete 2020 Data Breach Investigations Report as well as Executive Summary is available on the DBIR resource page. The DBIR team invites its readership to provide feedback on the findings and analysis within this year’s report. Any organization wishing to do so, or become a DBIR contributor should contact [email protected] for further information. Verizon Communications Inc. (NYSE, Nasdaq: VZ) was formed on June 30, 2000 and is celebrating its 20th year as one of the world’s leading providers of technology, communications, information and entertainment products and services. Headquartered in New York City and with a presence around the world, Verizon generated revenues of $131.9 billion in 2019. The company offers voice, data and video services and solutions on its award winning networks and platforms, delivering on customers’ demand for mobility, reliable network connectivity, security and control. VERIZON’S ONLINE MEDIA CENTER: News releases, stories, media contacts and other resources are available at www.verizon.com/about/news/. News releases are also available through an RSS feed. To subscribe, visit www.verizon.com/about/rss-feeds/. Media contacts: Clare Ward (EMEA) Najuma Thorpe (US) |