14 DAY TRIAL // The Verizon study investigates more security breaches than ever before and highlights the effect on international safety in the global pandemic of the most prevalent types of cyberattacks. This year's study found 5,258 security breaches by 83 authors worldwide, a third more than last year.
Phishing and ransomware attacks rose by 11% and 6% respectively due to an unprecedented increase of employees working remotely. Furthermore, instances of misrepresentation rose 15 times over the previous year.
Breach data revealed that 61% of breaches included credential data. Simply put, 95% of organizations investigated had between 637 and 3.3 billion malicious login attempts through the year.
The study also highlighted the difficulties that companies face as they shift more of their business functions to the cloud, with web application attacks accounting for 39% of all breaches.
Tami Erwin, CEO, Verizon Business stated that “The COVID-19 pandemic has had a profound impact on many of the security challenges organizations are currently facing”.
He continues that more companies are switching business-critical functions to the cloud. Due to this change, the potential threat to their business operations may become higher as bad actors look to exploit human vulnerabilities.
The updated report trends clarify 95.8% of analyzed breaches and 99.7% of analyzed events over time and can give consumers a greater understanding of the risks that occur and how their companies can prevent them.
Industries under the spotlight
The 2021 DBIR study provides an in-depth analysis of 12 sectors. The conclusions show that while protection remains a threat across the board, there are major gaps between verticals. For example, in the financial and insurance sectors, 83% of data compromised in breaches was personal data. The other highlights are:
- Financial and Insurance – Misdelivery accounted for 55% of financial sector failures. External actors frequently target the financial sector with credential and ransomware attacks.
- Healthcare - Basic human error continues to impact this industry, as it has for many years. Misdelivery, accounting for 36% of failures, remains the most common error, whether electronic or paper records are involved.
- Public Administration - The social engineer is by far the most dangerous threat in this field. Cybercriminals can create a convincing phishing email and steal credentials data at an unprecedented pace in this industry.
- Retail Trade - The retail industry remains a priority for financially motivated cybercriminals looking to profit from the combination of payment cards and personal information that this industry is known for. Pretexting and phishing are two social strategies that often result in fraudulent money transfers.
Regional trends
The report's 83 contributors provided detailed insights into regional cyber-trends, highlighting important similarities and disparities between them.
Most Financially motivated attacks took place in the Asia Pacific area with phishing employees for credentials and then using stolen credentials to gain access to email accounts or web application servers.
Europe, Middle East, and Africa were hit mostly by Basic Web Application Attacks, System Intrusion, and Social Engineering.
Northern America is often targeted by Financially motivated attacks. In addition to that, this geographical area encountered attacks such as Social Engineering, Hacking, and Malware.