BY Richard Summerfield
The risk posed by ransomware attacks has increased significantly over the last year, according to the 15th annual Verizon 2022 Data Breach Investigations Report.
The report, which aims to increase awareness among organisations of what tactics threat actors are likely to use in data incidents and breaches, analysed 23,986 security incidents from 1 November 2020 to 31 October 2021, and found that ransomware attacks had increased by 13 percent in a single year in 2021, a jump greater than the past five years combined.
According to the report, organised crime continues to be a pervasive force in the world of cyber security, with four out of every five breaches attributed to it over the last 12 months. External actors were approximately four times more likely to cause breaches in an organisation than internal actors, the report notes. Furthermore, the coronavirus (COVID-19) pandemic, as well as ongoing and increasingly fraught geopolitical tensions, have also impacted cyber security, driving increased sophistication, visibility and awareness around nation-state affiliated cyber attacks.
“Over the past few years, the pandemic has exposed a number of critical issues that businesses have been forced to navigate in real-time,” said Hans Vestberg, chief executive and chairman of Verizon. “But nowhere is the need to adapt more compelling than in the world of cybersecurity. As we continue to accelerate toward an increasingly digitized world, effective technological solutions, strong security frameworks, and an increased focus on education will all play their part in ensuring that businesses remain secure, and customers protected.”
Verizon also pinpointed the risk faced by supply chains. Supply chain issues have come to dominate the international economic landscape over the past year, and the cyber security space is no different. According to the report, 62 percent of system intrusion incidents came through a supply chain partner of the target organisation.
Twenty-five percent of total breaches were the result of social engineering attacks. The human element accounts for 82 percent of analysed breaches over the past year, including human errors and misuse of privilege. Specifically, human error is responsible for 13 percent of breaches according to the report. ‘Misconfigured cloud storage’ was reported to have been a key driver behind this increase. Stolen credentials and phishing were also dominant among the attacks involving human elements.
“Assess your exposure, mitigate your risk, and take appropriate action,” suggested Dave Hylender, lead author of the report. “As is often the case, getting the basics right is the single most important factor in determining success.”
News: Ransomware threat rises: Verizon 2022 Data Breach Investigations Report