Verizon Wireless has been publishing an annual data breach investigations report since 2008, in which the company takes a deeper look at data breaches in all sectors. The Verizon Data Breach Investigations Report (DBIR) for 2022 was recently published, with findings on ransomware and the commonly seen causes of data breaches, among other areas. Below, we’ll take a high-level look at some of these findings and see what they mean for you and your business.
Ransomware continued its vicious growth with a 13% increase from 2020 to 2021. This jump alone equates to the growth seen in the previous five years combined. This is a result of cybercriminals opting for malicious software, or malware, in order to gain access to businesses’ networks. Of all the malware out there, ransomware appears to have been the most profitable and often the most successful form. Ransomware is almost certain to enter your business if you do not protect the four key entryways found in the Verizon DBIR.
The four main entryways that allow an attacker to access your business and all of its data were summed up by Verizon as credentials, phishing, exploiting vulnerabilities, and botnets. Credentials accounted for nearly half of all access to a company’s estate, followed by phishing, which made up almost 20% of all access attempts. As stated by Verizon in their report, no entity is safe without a plan to handle each of these entryways. It is crucial for your business’ overall cybersecurity plan to address these areas. One way to address credential-related threats is to implement multi-factor authentication, which requires a user to use at least two methods to log in to your networks. This is often seen on websites where users are prompted to log in with their user name and password and then provide a code sent to linked contact information such as a phone number or email address. Phishing attempts can be reduced by educating employees on what to look for in a phishing email, as well as by having a dedicated team at your company for individuals to turn to whenever they see something that seems suspicious.
Causes of Data Breaches
There are many factors that can cause a data breach, but the Verizon 2022 DBIR grouped these causes into two main categories: the human element and network or device vulnerabilities.
The Human Element
The human element essentially means that people cause data breaches, and it is one of the primary causes driving them. The majority of breaches are caused by external actors; however, internal actors (i.e. employees of your business) accounted for nearly 20% of breaches. This is why continuous employee education in cybersecurity best practices is one of the most valuable cybersecurity tools at your disposal. From teaching employees to strongly guard their credentials, to helping them become aware of the warning signs of a phishing scam, to teaching everyone to operate in intentional ways daily, there are many ways to address the issue of the human element causing breaches. This allows you to turn your employees from a cybersecurity hazard into one of your best security assets. After all, knowledge is power!
In addition to the human element, data breaches are caused by what can simply be summarized as vulnerabilities. Be it a network vulnerability caused by a lack of a strong firewall or a device vulnerability caused by an out-of-date application putting your computer at risk, vulnerabilities are exactly that — a weak spot in your cyber defenses.
Motives for Attack
The 2010 iteration of the DBIR stated, “Today’s cybercriminals are not hobbyists seeking knowledge or thrills; they are motivated by the illicit profits possible in online crime.” This still holds true 12 years later: the top motive for attackers is financial or personal gain. This was common across organizations of all sizes; however, the next two most common motives (disagreement/protest and fun/curiosity) primarily impacted larger organizations rather than organizations of any other size. Each of those two secondary motives made up roughly a quarter of the causes behind breaches against larger businesses.
The 2022 DBIR looked at 23,896 incidents, of which 5,212 were confirmed data breaches. The report goes further to look into the specifics of which industries were most impacted and how businesses of different sizes were affected as well.
The top three industries affected by incidents across the board (apart from cases where the industry was unknown) were Professional (3,566), Public Administration (2,792), and Information (2,527), followed closely by Finance and Manufacturing. Of these industries, the Finance industry had the most actual breaches as a result of incidents across the board. Among small businesses (those with 1,000 employees or fewer), the industry with the most incidents was Professional (1,095 incidents), followed by a distant second and third of Manufacturing (168 incidents) and Retail (157 incidents). The Professional industry also accounted for the most data breaches among small businesses, far more than any other industry. This goes to show that no matter what work you do or the size of your business, data breaches have the potential to affect you. This is why it is crucial to learn from the experiences of others and secure your business.