Mesut Eryilmaz from Verizon talks to TEISS about findings on the 2018 Data Breach Investigations Report (DBIR). The 11th edition of the DBIR includes data from 67 contributing organizations, with analysis on over 53,000 incidents and 2,216 breaches from 65 countries.
Mesut explains that the report is a must-read for all industries seeking to understand the current cyber threat landscape. He says it is clear we need to get better at detecting attacks, singling out no particular nation: it is a worldwide problem.
Unsurprisingly, humans continue to be a security weakness, with financial pretexting and phishing attacks now targeting HR departments. Interestingly, of the roughly 20% of employees who open phishing emails, only about one in six report the mishap, for fear of losing their jobs. Mesut highlights the need to make employees feel safe enough to report these incidents. He also calls for more interdepartmental collaboration within companies to improve their cyber security; it is not just an IT department issue.
This year’s report details the continued prevalence of ransomware and its impact on organisations as they face a rising number of external attacks, increasingly carried out by organised cyber criminals.
Some of the key findings include:
- The scourge of ransomware continues – Ransomware incidents more than doubled again this year compared to last year’s DBIR. Ransomware was the 22nd most common variety of malware in 2014 and the fifth most common in 2016; it is now the most common form of malware.
- Watch out for wolves in sheep’s clothing – This year’s DBIR noted a significant trend in social-engineering and pretexting attacks targeting finance and HR departments, with nearly 1,500 incidents and just shy of 400 confirmed data breaches reported. In these attacks, criminals attempted to solicit employee information from HR departments for use in fraud, or to convince finance departments to transfer funds by posing as the company CEO.
- Basic errors cause big problems – Simple errors, such as failing to shred confidential information, sending emails to the wrong person or misconfiguring web services, were at the heart of nearly one in five breaches. What’s more, over 20% of people still click on at least one phishing campaign during a year.
- Better the devil you know? – Over a quarter of all breaches were perpetrated by insiders, driven largely by financial gain, espionage, and simple mistakes or misuse. The healthcare industry was found to be at particularly high risk of insider threats through error and employee misuse, such as medical workers accessing patient records out of simple curiosity or for fun.
- Money still makes the world go round – Organised criminal groups continue to be behind around half of all breaches, while state-affiliated groups were involved in more than one in ten. Correspondingly, financial gain continued to be the top motivation for cybercriminals.
The DBIR draws its findings from an analysis of real-world data breaches investigated by Verizon and an extensive range of third-party contributors over the last 12 months, with regular contributors including the U.S. Secret Service, UK legal services firm Mishcon de Reya, UK insurer Chubb and the Irish Reporting and Information Security Service (IRISS CERT), amongst others.