The annual Data Breach Investigations Report is here.
Welcome to Cyber Security Today. It’s Friday, June 9th, 2023. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com and TechNewsday.com in the U.S.
I’m away for a few days so this episode doesn’t have the usual news briefs. Instead, today’s show focuses on Verizon’s annual Data Breach Investigations Report, which was released this week.
For those who don’t know, this is an analysis of breaches of security controls from information contributed by a number of security companies. This latest report looks at over 16,000 security incidents, of which almost 5,200 were confirmed data breaches.
First, this survey affirms what years of previous reports have said: The odds are you’re going to be breached by an external threat actor, not betrayed by theft or mistakes by insiders like your current staff or partners. Eighty-three per cent of incidents studied were committed by crooks, foreign countries, hacktivists or former employees.
Second, for the period studied, which was from October 2021 to November 2022, denial of service attacks were the leading attack vector involved in incidents. Number two was ransomware. The leading attack vector for data breaches, however, was the use of stolen credentials.
How do attackers get initial access? Often by hacking servers, say the numbers, usually by exploiting vulnerabilities in web applications or using stolen credentials. And often those stolen credentials come from staff falling for email phishing messages. The report says this shows the importance of paying attention to cybersecurity fundamentals.
As for ransomware, the most common ways attackers get into networks are by employees falling for phishing lures, followed by the compromise of desktop sharing software and, third, finding holes in web applications.
One more finding about ransomware attacks: There’s at least some evidence that while the amounts victim organizations are paying may be down, the costs of recovering from ransomware are increasing.
There’s lots more data an infosec leader can use to hone a cybersecurity program, including a deep dive into several industries and regions around the world.
There’s a link to the report here. To get it you have to leave a name and email address.
Later today the Week in Review edition will be available. This week Jim Love, CIO of ITWorldCanada.com, is filling in for me. The guest commentator is David Shipley of Beauceron Security.
Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.