Cybercrime is not only costly for companies, but for threat actors too, report finds
Security breaches are on the rise, but they require significant investment and are nothing without the human element, the DBIR report discovers.
Verizon’s 2022 Data Breach Investigations Report (DBIR) takes into account data from 23,896 security incidents, including 5,212 confirmed data breaches, investigating common attack vectors.
The Denial of Service (DoS) accounted for 46% of all incidents, followed by email, partner, and software update malware.
“Once attackers are inside the victim’s network they often install malware, which violates the Integrity of a system (as does any other illicit change). The Integrity of a person can also be compromised when they alter their behavior due to the actions of the adversary,” the report explains.
In terms of breaches, 73% of them came from one of the top 10 breach vectors, which included the use of stolen credentials, ransomware, and phishing. With 30% of breach cases involving some type of malware, it remains as relevant as years ago. Ransomware, in turn, is present in almost 70% of malware breaches this year.
Surprisingly, while Distributed Denial of Service (DDoS) attacks are common and make up for a sizeable portion of incidents, they were pretty much not recorded in Verizon’s breach caseload.
It might seem like cybercrime is an easy way for criminals to make money with little investment. Yet, that’s wrong. A single breach requires a threat actor to develop software or content to reach the goal; identify vulnerabilities; find or develop suitable distribution vectors; and finally, successfully cash out the earnings.
And often, an attempted breach is nothing without human involvement. This year, the report found that “error” was responsible for 13% of the overall breaches, while 82% involved the “human element.” Social engineering and phishing continue to play a key role in this development.
“The known fact is that 80-95% of breaches are due to human errors, so when a company thinks that awareness training isn’t a priority, it’s simply beyond me,” Mike Polatsek told Cybernews.
In the case of social engineering, DBIR notes 1,063 incidents with confirmed data disclosure and over 2,000 cases overall. Mainly, these attacks were financially motivated (89%,) and the remaining 11% of breaches were attributed to espionage. The types of compromised data varied – from credentials (63%) to internal (32%) and personal (24%) information.
“Additionally, malware and stolen credentials provide a great second step after a social attack gets the actor in the door, which emphasizes the importance of having a strong security awareness program,” the report suggests.
More from Cybernews:
Subscribe to our newsletter