A key report on cybercrime has found that C-suite executives are being increasingly and proactively targeted for social breaches, correlating to a rise of social engineering attacks with financial motivation.
The Verizon 2019 Data Breach Investigations Report (DBIR), which analysed 41,686 security incidents and 2,013 confirmed breaches from across 86 countries, has come up with this finding. This 12th edition of the DBIR includes data from 73 contributors, the highest number since its launch.
Senior executives are 12x more likely to be the target of social incidents, and 9x more likely to be the target of social breaches than in previous years – and financial motivation remains the key driver, the DBIR says. It says financially-motivated social engineering attacks (12% of all data breaches analysed) are a key topic in this year’s report, highlighting the critical need to ensure all levels of employees are made aware of the potential impact of cybercrime.
The report points out that a successful pretexting attack on senior executives can reap large dividends as a result of their often unchallenged approval authority, and privileged access into critical systems. Typically time-starved and under pressure to deliver, senior executives quickly review and click on emails prior to moving on to the next (or have assistants managing email on their behalf), making suspicious emails more likely to get through. The increasing success of social attacks such as business email compromises (BECS - which represent 370 incidents or 248 confirmed breaches of those analysed), can be linked to the unhealthy combination of a stressful business environment combined with a lack of focused education on the risks of cybercrime.
Cloud-based solutions for sharing and storing information are also adding to the vulnerability of data, this year’s report points out. This growing trend of storing information within cost-effective cloud-based solutions is exposing companies to additional security risks. Analysis found that there was a substantial shift towards compromise of cloud-based email accounts via the use of stolen credentials. In addition, publishing errors in the cloud are increasing year-over-year, a Verizon statement added.
Misconfiguration (“Miscellaneous Errors”) led to a number of massive, cloud-based file storage breaches, exposing at least 60 million records analysed in the DBIR dataset. This accounts for 21% of breaches caused by errors.
Some of the other major findings of the 2019 report include the fact that attacks on human resource personnel have decreased from last year. In fact, the report says a 6x decline from last year was noticed.
The Chip and Pin payment technology has started delivering security dividends: The number of physical terminal compromises in payment card related breaches is decreasing compared to web application compromises, the DBIR says.
Ransomware attacks are still going strong and account for nearly 24% of incidents where malware was used. Ransomware has become so commonplace that it is less frequently mentioned in the specialized media unless there is a high profile target, it says.
The report had another interesting finding: Media-hyped crypto-mining attacks were hardly existent. These types of attacks were not listed in the top 10 malware varieties, and only accounted for roughly 2 percent of incidents.
The DBIR found that outsider threats remain dominant, and external threat actors are still the primary force behind attacks (69% of breaches) with insiders accounting for 34%.