Cybercriminals after money more than anything else - Verizon report
Of all the things cybercriminals aim to accomplish in their illicit activities, money still takes centre stage.
Out of more than 32,000 incidents analysed in the Verizon Business 2020 Data Breach Investigations Report, 3950 were confirmed breaches across 81 countries. Furthermore, a whopping 86% of breaches were found to be financially motivated.
On a regional level, 91% of breaches in North America were financially motivated, followed by 70% in Europe, Middle East & Africa; and 63% in Asia pacific.
The report’s lead author Alex Pinto says that headlines often talk about spying or grudge attacks, but the reality from data is that financial gain is driving crime, regardless of whether criminals are using humans or systems to conduct their exploits.
But there is some good news – most organisations are taking actions such as ongoing patch management. The report says that fewer than one in 20 breaches exploit these kinds of vulnerabilities.
Pinto says that more organisations are tracking common patterns within cyber attack journeys, which could be a ‘security game changer’ for cyber defense. Organisations can determine the threat actor’s destination while an attack is in progress and predict the eventual breach target, stopping attacks dead in their tracks. The report calls this a ‘defender’s advantage’.
Other common cyber attacks include web application attacks, as threat actors go after cloud-based data. According to the report, more than 20% of attacks were against web application and used stolen credentials in some way. The report notes that the trend is worrying as more organisations shift business-critical workloads to the cloud.
Credential theft, phishing, business email compromise and other social engineering attacks caused more than 67% of breaches. Specifically, 37% of credential theft breaches used stolen or weak credentials, 25% involved phishing, and 22% involved human error.
Amongst malware incidents, ransomware was involved in 27% of cases, and 18% of organisations blocked at least one piece of ransomware in the last year.
"As remote working surges in the face of the global pandemic, end-to-end security from the cloud to employee laptop becomes paramount," says Verizon Business CEO Tami Erwin.
"In addition to protecting their systems from attack, we urge all businesses to continue employee education as phishing schemes become increasingly sophisticated and malicious."
Other regional findings:
Europe, Middle East and Africa (EMEA): Denial of Service (DoS) attacks accounted for over 80% of malware incidents; 40% of breaches targeted web applications, using a combination of hacking techniques that leverage either stolen credentials or known vulnerabilities. 14% of breaches were associated with cyber-espionage.
Asia Pacific (APAC): 63% of breaches were financially motivated, and phishing attacks are also high, at over 28%.
Northern America: Stolen credentials were the most commonly involved in cybercrime techniques, accounting for over 79% of hacking breaches; 33% of breaches were associated with either phishing or pretexting.