Financial gain remains the key motivator for cybercrimes with nine in 10 (86%) data breaches that were investigated and proved to be financially driven, according to the Verizon’s 2020 Data Breach Investigations Report.
The research revealed that credential theft and social attacks like phishing and BEC (business email compromise) attacks caused the majority of data breaches (over 67%), with 37% of credential theft breaches using stolen credentials, 25% involved phishing, and human error accounted for 22%. Nearly, 86% of data breaches for financial gain, which is an increase from 71% in 2019. The research also found 43% increase in web application breaches, and 80% of them were performed using stolen credentials. Ransomware attacks also increased by 27% when compared to 24% in 2019.
“As remote working surges in the face of the global pandemic, end-to-end security from the cloud to employee laptop becomes paramount. In addition to protecting their systems from attack, we urge all businesses to continue employee education as phishing schemes become increasingly sophisticated and malicious,” said Tami Erwin, CEO, Verizon Business.
SMBs are at Risk
The increased use of cloud and web-based applications made small and medium-sized businesses (SMBs) primary targets for cybercriminals. It is found that phishing attacks are the biggest threat for SMBs, accounting for over 30% of breaches.
Industries Under Cyber Risks
The research stated the type of attack vectors is different across various industries. The other significant findings include:
- External actors leveraging malware, such as password dumpers, app data capturers and downloaders to obtain proprietary data for financial gain, account for 29% of manufacturing breaches
- 99% of incidents were financially motivated, with payment data and personal credentials continuing to be prized. Web applications, rather than Point of Sale (POS) devices, are now the main cause of Retail breaches
- 30% of breaches in the financial and insurance sector were caused by web application attacks, primarily driven by external actors using stolen credentials to get access to sensitive data stored in the cloud.
- Ransomware attacks doubled this year in the educational sector, accounting for 80% of malware attacks vs. last year’s 45%, and social engineering accounted for 27% of incidents.
- Human error accounted for 31% of health care breaches, with external breaches at 51% (up from 42% in 2019), slightly more common than insiders at 48% (59% last year). This vertical remains the industry with the highest number of internal bad actors, due to greater access to credentials.
- Ransomware attacks accounted for 61% of malware-based incidents in the public sector. 33% of breaches are accidents caused by insiders. However, organizations have got much better at identifying breaches: only 6% lay undiscovered for a year compared with 47% previously, linked to legislative reporting requirements.
Regional Attack Targets
Northern America: The attack technique commonly used was stolen credentials, with 79% of hacking breaches. Around 33% of breaches were associated with either phishing or pretexting.
Europe, Middle East and Africa (EMEA): Denial of Service (DoS) attacks accounted for over 80% of malware incidents, with 40% of breaches targeted on web applications.
Asia Pacific (APAC): 63% of breaches were financially motivated, and phishing attacks stand at over 28%.
The findings are based on the analysis of 32,002 security incidents and 3,950 confirmed breaches from 81 global contributors from 81 countries.