Verizon’s 2020 Data Breach Investigations Report has revealed that financial gain remains the key driver for cyber crime, with 86 per cent of breaches investigated being financially-driven.

The vast majority of breaches continue to be caused by external actors - 70 per cent - with organised crime accounting for 55 per cent of these.

The 13th edition of the report analysed 32,002 security incidents, of which 3,950 were confirmed breaches – almost double the 2,013 breaches analysed last year. These cases came from 81 global contributors from 81 countries, and the analysis also now covers 16 business sectors.

Credential theft and social attacks - such as phishing and business email compromises – were found to cause 67 per cent of breaches. Specifically, 37 percent of credential theft breaches used stolen or weak credentials, 25 percent involved phishing, and human error accounted for 22 per cent.

The 2020 report highlighted a year-on-year doubling in web application breaches, up 43 per cent, with stolen credentials used in over 80 percent of these cases.

Ransomware also saw a slight increase, found in 27 per cent of malware incidents, compared to 24 percent in the 2019 survey, with 18 per cent of organisations reported blocking at least one piece of ransomware last year.

"As remote working surges in the face of the global pandemic, end-to-end security from the cloud to employee laptop becomes paramount," said Tami Erwin, chief executive at Verizon Business. "In addition to protecting their systems from attack, we urge all businesses to continue employee education as phishing schemes become increasingly sophisticated and malicious."

Verizon’s 2020 report pointed out that as a growing number of small and medium-sized businesses switch to cloud and web-based applications and tools, they have become prime targets for cyber attackers.

Phishing is the biggest threat for small organisations, accounting for over 30 per cent of breaches. This was followed by the use of stolen credentials (27 per cent) and password dumpers (16 per cent).

Attackers targeted credentials, personal data and other internal business-related data such as medical records, internal secrets or payment information. Over 20 per cent of attacks were against web applications, and involved the use of stolen credentials.

Breaking the results down by industry showed some differences in threats. In manufacturing for instance, 23 per cent of malware incidents involved ransomware, compared to 61 per cent in the public sector and 80 per cent in educational services. Errors accounted for 33 per cent of public sector breaches, but only 12 percent of manufacturing.

In financial services, 30 per cent of breaches here were caused by web application attacks, primarily driven by external actors using stolen credentials to get access to sensitive data stored in the cloud. Verizon stated that the move to online services was a key factor.

Geographically, in Europe, Middle East and Africa (EMEA), Denial of Service (DoS) attacks accounted for over 80 per cent of malware incidents, while 40 per cent of breaches targeted web applications, using a combination of hacking techniques that leverage either stolen credentials or known vulnerabilities. Finally, 14 per cent of breaches were associated with cyber-espionage.

Alex Pinto, lead author of the report, commented: “Security headlines often talk about spying, or grudge attacks, as a key driver for cyber crime, but our data shows that is not the case.

“Financial gain continues to drive organised crime to exploit system vulnerabilities or human error.”

Share Story: