For the last 15 years, Verizon has been creating yearly Data Breach Investigation Reports (DBIR). The report this year confirms just how awful the past 12 months have been. Verizon detailed the past 12 months as representing an unparalleled year in the story of cybersecurity. The financially driven scammers and nefarious nation-state actors have hardly if ever, turn out moving the way they have over the last 12 months, mentioned Verizon.
The 2022 DBIR was created together with 87 partner institutions making use of data from 23,896 security cases. 5,212 of the cases were confirmed data breaches, 849 of the cases reviewed in the report took place in the healthcare market and 571 of those cases were affirmed data breaches.
The report affirms that there was a big surge in ransomware attacks in 2021, rising by 13% compared to the preceding year. To put some viewpoint, the growth is larger than the merged increases in the preceding five years. As Verizon explains in the report that ransomware is merely a method of exploiting access to victims’ sites, however, it has shown to be notably profitable at earning cash from unlawful access to systems and private data. 25% of data breaches in 2021 employed ransomware.
The most typical vectors in ransomware attacks involved the usage of stolen information, typically for desktop sharing applications, which gives initial access in 40% of attacks. Phishing was the next most popular vector in ransomware attacks, offering preliminary access in 35% of attacks and the next is the exploitation of vulnerabilities in web software and direct installations. The increased percentage of attacks linked with remote desktop software programs and emails demonstrates the significance of locking down RDP and safeguarding email.
The rise in ransomware attacks is scary, and so is the rise in supply chain attacks, which represent 62% of system attacks. Supply chain attacks can be executed by financially inspired cyber actors, although in many cases they are employed by nation-state actors to acquire persistent access to networks for surveillance purposes.
Securing against cyberattacks calls for action to be undertaken to handle the four principal strategies that cause acquiring initial access to sites, which are phishing, botnets, credentials, and taking advantage of vulnerabilities. Though insiders can and do result in data breaches, certainly the major cause is external actors. Breaches because of external actors surpass insider breaches by four to 4. Although external attacks are far more likely, the median number of records affected in insider breaches is much greater.
Human error still has a significant role in data breaches. 13% of data breaches concerned misconfigurations, generally of cloud storage services, and 82% of all data breaches examined in the last year concerned a human factor. 25% of all breaches in 2021 were caused by social engineering attacks, featuring not merely the value of using advanced email defenses but likewise giving frequent security awareness training to the employees.
The leading three attack tactics were similar to the previous year, though shifting positions. System intrusions were on the leading spot, then web application attacks, and social engineering. In healthcare, the prominent reasons for data breaches were website application attacks, miscellaneous errors, and system attacks, which were 76% of all data breaches.
Verizon states that although insiders have for ages been a primary source of data breaches in medical care, the growth in web app attacks has led to external threats surpassing insiders. Healthcare workers triggered 39% of breaches in 2021, which is noticeably bigger than the 18% throughout all other industry areas. Though there will consistently be malicious insiders in the healthcare industry, staff are 2.5 times more possible to commit a blunder than to maliciously take advantage of their access to information, with misdelivery and loss the most frequent mistakes done in medical care.