The 10th anniversary edition of the Verizon Data Breach Investigations Report was recently released. This year’s installment includes a great breakdown of industry-by-industry statistics and a bunch of helpful tips. We encourage everyone to download it and make time to give it a read! Here are five takeaways that stood out to us:
81 percent of hacking-related breaches leveraged weak and/or stolen passwords.
To quote Tyler Durden, “I am Jack’s complete lack of surprise.” While it’s true that stolen passwords are often out of our control, such as when the user database of a major email provider gets hacked, it’s also true that we all need to do our part by implementing strong, unique passwords for every account.
That is why we continuously recommend using a password manager and enabling two-factor authentication wherever possible. If you choose not to use a password manager, at least come up with a system for developing memorable passphrases (#longerisstronger) and consider changing them often. And if you’re not sure if your passwords suck, check out this handy flowchart.
66 percent of malware was installed via malicious attachments.
Over half of the attacks last year included malware, which was most commonly delivered by an attachment. It goes to show that firewalls and antivirus programs aren’t going to catch everything, so it’s on us, the end-users, to stay alert. Even if the email comes from someone you know, be cautious when clicking on any links or attachments. Watch out for odd, unexpected requests or spelling/grammar errors, and verify the source.
In short, think before you click! Ransomware accounted for the majority of all malware, and its success is directly tied to users clicking. With vigilance, maybe we can see more of Q4 and less of Q3, as shown in the table below.
Privilege misuse was the main cause of breaches in the Financial industry.
Okay, that’s not an entirely true statement. Botnets (DoS, or denial of service, attacks), Web Application attacks (hacking), and ATM skimmers accounted for 88 percent of all incidents within Financial Services. But when you adjust the data and remove DoS attacks and ATM skimmers from the equation, privilege misuse was the most common by a wide margin.
What is privilege misuse? It’s when an employee uses his or her credentials to inappropriately access computing systems or physical locations. Imagine a banker with a key to the vault who lets himself in on the weekends to snag a pocketful of cash.
But it wasn’t just banking employees writing themselves fraudulent checks. Personally identifiable information was more sought after than money, proving that our identities hold the most value to cybercriminals and insider threats.
The Manufacturing industry was the most susceptible to phishing attacks.
Of the eight industries defined in the DBIR, Manufacturing had the highest click rate when it comes to phishing. You may wonder, “Why would anyone phish manufacturers?” The report said it best, so we’ll let them answer that question:
The NAICS code for Manufacturing comprises “establishments engaged in the mechanical, physical, or chemical transformations of materials, substances, or components into new products.” In other words, they make stuff. And when you make stuff, there is always someone else who wants to make it better, or at least cheaper. A great way to make something cheaper is to let someone else pay for all of the R&D and then simply steal their intellectual property. With that in mind, it will probably be of no surprise that Cyber-Espionage is by far the most predominant pattern associated with breaches in Manufacturing.
In fact, Cyber-Espionage was the second most common pattern of breaches after Web Application Attacks. If you don’t include botnets, which are a large part of Web App Attacks, Cyber-Espionage takes over the top spot.
Misdelivery was one of the most common errors in Healthcare breaches.
The DBIR found that misdelivery, along with lost assets and disposal errors, accounted for almost 30 percent of all Healthcare breaches. Mistakes like sending personal information to the wrong party, having a laptop stolen, or failing to shred sensitive documents prove that it’s not just cybercriminals we need to worry about.
Accidental data leakage is unfortunate and frustrating because it seems like something that can easily be prevented. But we all make mistakes. That’s why it’s important to not only keep our eyes and ears open, but also work together and look out for one another. Basically, if you see something, or hear something, say something!
Stats, images, and charts courtesy of Verizon Data Breach Investigations Report