US telecommunications conglomerate Verizon recently published the 16th edition of its annual Data Breach Investigations Report (DBIR), which draws on input from numerous companies and organizations around the world in addition to Verizon's own data. The report takes into account around 16,000 incidents, of which 5,200 are classified as confirmed security breaches.
In terms of absolute numbers, this year's figures show the highest number of attacks in the denial-of-service (DoS) category, continuing a trend seen over many years now. Looking exclusively at incidents with confirmed data losses, a significant increase in more complex, multi-stage intrusion attacks becomes apparent.
Attacks by way of social engineering once again proved to be particularly effective and lucrative for cyber criminals. Within this category, the number of CEO fraud attacks almost doubled and now accounts for nearly half of all social engineering incidents. The proportion of ransomware attacks remains unchanged at 24 percent of all incidents. These types of attacks were reported in companies and institutions of all sizes and in every sector.
The human element was exploited in three-quarters (74 percent) of attacks. In addition to social engineering, this category includes user error, privilege misuse and use of stolen credentials. In 83 percent of such cases, the breach involved external actors. The motive for attacks was overwhelmingly financial enrichment, constituting 95 percent of all cases.
The three most common ways for cyber criminals to gain access to an organization's environment are currently stolen credentials, followed by phishing and the exploitation of vulnerabilities. These days, vulnerabilities are exploited extremely quickly. In the case of Log4j, for instance, a third of all scans were already registered within 30 days of the vulnerability becoming public knowledge, and most of those occurred within the first 17 days.
As far as small and medium-sized enterprises (SMBs) are concerned, Verizon no longer sees any significant differences from larger organizations with regard to their attack surfaces. In the meantime, the report confirms, larger and smaller organizations are using similar services and infrastructures, meaning that the attack profile is hardly shaped by the size of a company anymore. However, the DBIR has once again detected significant differences in the ability of companies to respond to threats: should larger companies fall victim to an attack, they simply have a greater number of resources at their disposal.
The full Data Breach Investigations Report 2023, including more detailed breakdowns according to sector and region, can be downloaded from the Verizon website upon registration.
Retarus supports companies interested in increasing their IT security, specifically with its Secure Email Platform and more generally with its highly secure, GDPR-compliant cloud services for business communication. You can find more details on our website or directly from your local Retarus representative.