Nearly 2,000 breaches were analysed in the company’s 2017 Data Breach Investigations Report and more than 300 were espionage-related, many of which started life as phishing emails. In addition, this years report sees a 50% increase in ransomware attacks compared to 2016.
Major findings include:
Malware is big business: Fifty-one (51) percent of data breaches analysed involved malware. Ransomware saw a 50 % increase from 2016 report, and a huge jump from the 2014 DBIR where it ranked 22 in the types of malware used, now ranking the fifth place.
Phishing is still a go-to technique: In the 2016 DBIR, Verizon flagged the growing use of phishing techniques linked to software installation on a users device. In this years report, 95% of phishing attacks follow this process. 43% of data breaches utilized phishing, and the method is used in both cyber-espionage and financially motivated attacks.
Pretexting is on the rise: Pretexting is another tactic on the increase, and the 2017 DBIR showed that it is predominantly targeted at financial department employees. Email was the top communication vector, accounting for 88% of financial pretexting incidents, with phone communications in second place with just under 10%.
Smaller organizations are also a target: 61% of victims analysed were businesses with fewer than 1,000 employees. The top three industries for data breaches are financial services 24%; healthcare (15 percent) and the public sector (12 percent). Companies in the manufacturing industry are the most common targets for email-based malware. 68% of healthcare threat actors are internal to the organization.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now