According to the Verizon Data Breach Investigations Report 2016, 95% of breaches and 86% of security incidents fall into nine patterns:
• Miscellaneous errors. Any unintentional action or mistake that compromises
security, excluding the loss of assets.
• Insider and privilege misuse. Mainly consists of incidents involving misuse
by insiders, but outsiders and partners granted privileged access to systems
also show up.
• Physical theft and loss. The loss or theft of laptops, USB drives, printed
papers and other information assets.
• Denial of service (DoS). DoS attacks can bring normal operations to a halt,
causing chaos.
• Crimeware. This covers any use of malware that doesn’t fall into a more
specific pattern. 39% of crimeware incidents in 2015 involved ransomware.
• Web app attacks. Where a web app, such as a content management
systems or e-commerce platform was used as the means of entry. 95% of web
app attacks where criminals stole data were financially motivated.
• Point-of-sale (POS) intrusions. When attackers compromise the computers
and servers that run POS applications.
• Cyber-espionage. Attacks carried out by state-affiliated actors, often looking
for intellectual property.
• Payment card skimmers. Incidents involving physical installation of a device
on an ATM, gas pump or POS terminal that intercepts card data.
In 93% of cases where data was stolen, systems were compromised in minutes or less. In 83% of cases, victims didn’t find out that they had been breached for weeks or more.
According to the Verizon Data Breach Investigations Report 2016, 89% of all attacks involve financial or espionage motivations. 63% of confirmed data breaches involve using weak, default or stolen passwords. This year’s report calls out the rise of a new three-step attack that is being repeated by cybercriminals. Many organizations are falling prey to this type of attack, which consists of:
• Sending a phishing email with a link that directs the user to the malicious
website or contains a malicious attachment.
• Malware is downloaded onto an individual’s computer that establishes the initial
foothold, providing an open door for additional malware to be loaded.
• Use of the victims’ credentials to enable further attacks, including logging into
third-party websites such as banking or retail sites.
The top 10 stats and takeaways from the Verizon 2016 Data Breach Investigations Report are as follow:
- 4 out of 5 data breaches are attributed to external hackers
- The majority of data breaches target users and their devices
- 63% of confirmed data breaches involved weak, default or stolen passwords
- In 93% of data breaches, compromise occurred in minutes or less
- 99% of malware hashes are seen for only 58 seconds or less
- Just 10 vulnerabilities accounted for 85% of successful exploitations in 2015
- 50% of exploitations happen between 10 and 100 days after the vulnerability is published (median = 30 days)
- Phishing campaigns have a 30% open rate
- Email attachments are the #1 delivery vehicle for malware
- 90% of the data breaches in 2015 followed 1 of 9 common patterns
According to the Verizon Data Breach Investigations Report 2016, phishing tops the list of increasing concerns. Phishing has picked up dramatically over the prior year. Email is the weapon of choice for cybercriminals, phishing is trending up and it is leading to more data breaches than ever before. Verizon combined over 8 million results of sanctioned phishing tests in 2015 from multiple security awareness vendors and found that 30 percent of phishing messages were opened in 2016 – up from 23% in the 2015 Verizon Report – and 13% of those clicked to open malicious attachments or nefarious link. Only 3% of the targeted individuals reported the phishing e-mail to management.
According to Laurance Dine at Verizon Enterprise Solutions, the median time for the first user of a phishing campaign to open the malicious email is 1 minute, 40 seconds. Additionally, according to Dine, the median time to the first click on the attachment was 3 minutes, 45 seconds.
According to the Verizon 2015 Data Breach Investigations Report, cyberattacks are becoming increasingly sophisticated, but that many criminals still rely on phishing and hacking. According to the report, 70% of cyberattacks use a combination of phishing and hacking and involve a secondary victim, adding complexity to the breach. In 60% of breaches, attackers are able to compromise an organization within minutes.
96% of the nearly 80,000 security incidents that Verizon analyzed for 2015 can be traced to 9 basic attack patterns:
• Miscellaneous errors
• Crimeware
• Insider/privilege misuse
• Physical theft/loss
• Web app attacks
• Denial-of-service attacks
• Cyberespionage
• Point-of-sale intrusions
• Payment card skimmers