Cyber-Espionage and Ransomware Attacks Are on the Increase

Cyber-espionage is the most common type of attack seen in manufacturing, the public sector, and now education, warns the Verizon 2017 Data Breach Investigations Report. Much of this is due to the proliferation of proprietary research, prototypes, and confidential personal data, which are hot-ticket items for cyber-criminals. Nearly 2,000 breaches were analyzed in this year's report, and more than 300 were espionage-related with many starting out as phishing e-mails.

In addition, organized criminal groups escalated their use of ransomware to extort money from victims: this year's report sees a 50 percent increase in ransomware attacks compared to last year. Despite this increase and the related media coverage surrounding the use of ransomware, many organizations still rely on out-of-date security solutions and are not investing in security precautions. In essence, they are opting to pay a ransom demand rather than to invest in security services that could mitigate against a cyber-attack.

This year's Data Breach Investigations Report—the 10th anniversary edition—combines up-to-date analysis of the biggest issues in cyber-security with key industry-specific insights, putting security squarely on the business agenda. Major findings include the following.

• Malware is big business. Of data breaches analyzed, 51 percent involved malware. Ransomware rose to the fifth most common specific malware variety. Ransomware—using technology to extort money from victims—saw a 50 percent increase from last year's report and a huge jump from the 2014 Data Breach Investigations Report, where it ranked 22 in the types of malware used.
• Phishing is still a go-to technique. In the 2016 report, Verizon flagged the growing use of phishing techniques linked to software installation on a user's device. In this year's report, 95 percent of phishing attacks follow this process. Phishing is utilized in 43 percent of data breaches, and the method is used in both cyber-espionage and financially motivated attacks.
• Pretexting is on the rise. Pretexting is another tactic on the increase, and the 2017 Data Breach Investigations Report showed that it is predominantly targeted at financial department employees—the ones who hold the keys to money transfers. E-mail was the top communication vector, accounting for 88 percent of financial pretexting incidents, with phone communications in second place with just under 10 percent.
• Smaller organizations are also a target. Of victims analyzed, 61 percent were businesses with fewer than 1,000 employees.

"Cyber-attacks targeting the human factor are still a major issue," says Bryan Sartin, executive director, Global Security Services, Verizon Enterprise Solutions. "Cyber-criminals concentrate on four key drivers of human behavior to encourage individuals to disclose information: eagerness, distraction, curiosity, and uncertainty. And as our report shows, it is working, with a significant increase in both phishing and pretexting this year."

Business Sector Insights Give Real-Life Customer Intelligence

This year's report provides tailored insights for key business sectors, revealing specific challenges faced by different verticals, and also answering the "who?" "what?" "why?" and "how?" for each. Key sector-specific findings include the following.

• The top 3 industries for data breaches are financial services (24 percent), health care (15 percent), and the public sector (12 percent).
• Companies in the manufacturing industry are the most common targets for e-mail-based malware.
• In health care, 68 percent of threat actors are internal to the organization.

"The cyber-crime data for each industry varies dramatically," comments Mr. Sartin. "It is only by understanding the fundamental workings of each vertical that you can appreciate the cyber-security challenges they face and recommend appropriate actions."

Get the Basics in Place

With 81 percent of hacking-related breaches leveraging stolen passwords and/or weak or guessable passwords, getting the basics right is as important as ever before. Some recommendations for organizations and individuals alike include the following.

1. Stay vigilant: log files and change management systems can give you early warning of a breach.
2. Make people your first line of defense: train staff to spot the warning signs.
3. Keep data on a "need-to-know" basis: only employees who need access to systems to do their jobs should have it.

4. Patch promptly: this could guard against many attacks.

5. Encrypt sensitive data: make your data next to useless if it is stolen.
6. Use two-factor authentication: this can limit the damage that can be done with lost or stolen credentials.
7. Do not forget physical security: not all data theft happens online.

"Our report demonstrates that there is no such thing as an impenetrable system, but doing the basics well makes a real difference. Often, even a basic defense will deter cyber-criminals who will move on to look for an easier target," concludes Mr. Sartin.