The 2020 Verizon Data Breach Investigations Report reveals that malware attacks are decreasing while hackers target information saved in the online. Verizon has been publishing a report for the last12 years. The report this year features a review of 32,002 security events and 3,950 verified data breaches from 81 contributors situated in 81 countries worldwide.
The report mentioned that the major driving force for performing attacks is monetary profits. Below are some reported statistics on the verified data breaches:
Breaches that were monetary driven – 86%
Caused by external actors – 70%
Conducted by cybercriminals – 55%
Due to credential theft – 67%
Due to brute-forcing of vulnerable credentials – 37%
Due to phishing and other social engineering attacks – 25%
Due to human error – 22%
Merely 20% of breaches were a result of the vulnerabilities exploitation. It is worth mentioning that it is significantly quicker to carry out attacks by using stolen credentials as opposed to taking advantage of vulnerabilities. This is the explanation for the comparatively small number of vulnerability-associated attacks and it’s not because organizations are applying patches to vulnerabilities on time.
The easiness of launching attacks employing brute-forced credentials or stolen passwords made malware attacks not as common. That said, ransomware is appearing to be an interesting alternative, with growing malware associated attacks from 24% to 27% of all breaches.
There was substantial growth in web apps attacks during the last 12 months, which increased two times to 43% of all breaches. 80% of those breaches were connected to credential theft. With far more organizations transferring their information from typical domain controllers and inner infrastructure, it is not strange that there was a substantial increase in attacks over the web.
The facts compiled for the report doesn’t include the duration of the COVID-19 public health crisis, when plenty of organizations quickened their cloud migration programs to permit more personnel to work from home. It is probable that the report following year will have a much bigger percentage of attacks on online resources.
Tami Erwin, CEO of Verizon Business, says that with the spike of remote working all through the global pandemic, end-to-end security covering the cloud and employee computer becomes critical. Aside from securing their systems from attack, all companies must continue staff training as phishing schemes become more advanced and malicious.
Healthcare Industry Cyberattacks and Insider Breaches
Monetary driven cyber attacks made up 88% of all healthcare data breaches, most of which were associated with ransomware. 4% of healthcare cyberattacks were done for entertainment and 3% were performed because of ease.
Verizon reports a higher number of healthcare data breaches during the past year. The report in 2019 covered 304 healthcare data breaches, and this year’s report had 521 breaches. The most popular type of attack on healthcare institutions is crimeware, which involves malware and ransomware. Like in other industries, the attacks on internet applications are escalating.
The health-related industry typically has a greater than the average number of incidents of privilege misuse. Such involves insiders having access to information and misuse their access rights to commit stealing or misuse of information. With a lot of employees provided access to patient information and its good price on the black market, this is not surprising.
This year’s report offers some excellent news though. It’s the very first time that privilege misuse is not included in the top 3 contributors to healthcare data breaches. This is part of a phenomenon that could be seen throughout all industries, which signifies that employees are more aware of accessing information without consent and healthcare companies are better capable to secure patient data.
Another wonderful news is the lesser number of breaches that involve several actors, which is normally a third-party for example an identity thief conniving with an insider who provides the information. In last year’s report, multiple actors were associated with 4% of breaches while in 2020 the cases fell to 1%. The proportion of breaches resulting from internal actors vs external actors equally changed substantially. In last year’s report, internal actors brought about 59% of breaches and external attackers prompted 42% of breaches. This report this year notes that internal actors are liable for 48% of breaches while external actors prompted 51% of breaches.
This year, the main root cause of medical care breaches were miscellaneous errors and online app breaches. Miscellaneous breaches were caused by misdirection, or the dispatching of emails to the wrong recipients and bulk mailings that send the letters to the incorrect patients, for example when a mail merge error occurs.