Verizon’s DBIR 2024 report has cataloged 30,458 incidents from November 1, 2022 to October 2023. Out of these, almost one-third were confirmed incidents related to data breaches.
Today, we will be breaking down which industries bore the brunt of these cybersecurity incidents and how they have fared since the preceding year.
At its core, a cyber attack’s destructivity is directly proportional to how important the targeted data is.
Essentially what that means is that different industries will react differently to security incidents and data breaches because of differing attack surfaces. This is why it is instrumental in understanding that an industry’s security standing cannot only be determined based solely on incident reports.
Nonetheless, by analyzing the patterns of security and data breaches, business owners and security teams alike have the invaluable insight they need to work towards formulating their incident response plans.
Let’s break the data from the DBIR 2024 report down based on nine industries hit hard by cyber attacks:
Frequency: 220 incidents | 106 confirmed data breaches
Data compromised:
Credentials - 50%
Personal - 28%
Payment - 19%
System - 19%
Other - 16% (breaches)
The accommodation and food services industry faces three main core threats:
Social engineering
System intrusion
Web application attacks
Regarding social engineering, there has been a remarkable increase since last year, possibly due to an increase in pretexting, which has more than doubled since last year and now accounts for 20% of social engineering incidents.
Ransomware continues to be one of the top attack varieties, as it has been for the last three years. However, this year instead of the proportion of these attacks increasing, they have been held constant at 16% of all incidents.
In other news, payment card data being compromised has dropped to an all-time low. This is believed to be due to improved security measures in chip technology that are causing attackers to change their focus toward other approaches.
Frequency: 1,780 incidents | 1,537 confirmed data breaches
Data compromised:
Personal - 83%
Internal - 20%
Other - 18%
Credentials - 9%
With regards to the educational services industry, here are the top error varieties committed by internal actors that lead to cyber incidents:
Misdelivery - 56%
Loss - 19%
Classification errors - 10%
Others - 15%
Apart from these, the education sector has been affected by three main malware types:
Backdoor - 57%
Hacking (exploiting vulnerabilities) - 56%
Social (extortion) - 50%
Frequency: 3,348 incidents | 1,115 confirmed data breaches
Data compromised:
Personal - 75%
Other - 30%
Bank - 27%
Credentials - 22%
The top three patterns this year were social engineering, miscellaneous errors, and system intrusion. Unlike last year, Basic Web Application Attacks were not a part of the top three patterns.
These differences could potentially show that organizations in this sector may be taking more precautions in terms of cybersecurity, forcing attackers to use more complicated malware.
Frequency: 1,378 incidents | 1,220 confirmed data breaches
Data compromised:
Personal - 75%
Internal - 51%
Other - 25%
Credentials - 13%
The trend of decreasing malicious insider threats in the healthcare sector that had been maintained since 2018 began to reverse since last year, continuing to increase this year.
In this sector, misdelivery seemed to be the most prominent error, while loss and gaffe followed suit.
Frequency: 1,367 incidents | 602 confirmed data breaches
Data compromised:
Other - 46%
Personal - 45%
Credentials - 27%
Internal - 22%
The Information sector showed 741 fewer security breach incidents this year as compared to last year.
The top action varieties in this industry this year were:
Ransomware
The use of stolen creds
With regards to social engineering, there was a slight decrease in phishing attacks along with a corresponding rise in pretexting, indicating that attackers are having to use more complicated cyberattack techniques.
Frequency: 2,305 incidents | 849 confirmed data breaches
Data compromised:
Personal - 58%
Other - 40%
Credentials - 28%
Internal - 25%
The proportions of errors in the manufacturing sector this year were spread as follows:
Misdelivery - 48%
Loss - 20%
Misconfiguration - 18%
System intrusion continues to be the most common attack variety in this sector with social engineering and miscellaneous errors being the second and third most common respectively.
Social engineering remains steady with regard to breaches in this sector due to action varieties such as:
Phishing - 55%
Pretexting - 42%
Frequency: 2,599 incidents | 1,314 confirmed data breaches
Data compromised:
Personal - 40%
Credentials - 38%
Other - 33%
Internal - 23%
Like most of the industries covered, social engineering and system Intrusion are in the most common patterns, although there’s also the inclusion of Miscellaneous Errors.
The main action varieties used in this sector were as follows:
Ransomware - 24%
Business Email Compromise - 20%
Pretexting - 40%
Frequency: 12,217 incidents | 1,085 confirmed data breaches
Data compromised:
Personal - 72%
Internal - 37%
Other - 31%
Credentials - 17%
This year, the miscellaneous errors attack pattern surged to the top spot in the public administration industry with system intrusion and social engineering following suit.
The most recurring error in this vertical was misdelivery (when information is wrongly delivered).
Internal actors were the top threat this year indicating the fact that even well-intentioned employees can trigger a data breach simply by being careless.
Frequency: 725 incidents | 369 confirmed data breaches
Data compromised:
Credentials - 38%
Payment - 25%
System - 20%
Other - 31%
In the retail sector, the three main patterns were system intrusion, social engineering and basic web application attacks, in that respective order.
In other news, Pretexting has emerged triumphant over Phishing as the top social action in this industry.
Multiple patterns have been uncovered in this year’s Data Breach Investigations Report 2024, from errors to action varieties. By studying the data, security teams and organizational IT personnel can formulate or alter their measures against cyber attacks based on what industry they're working in. These reports help specialists establish parallels to previous years, as well as anticipate patterns for the future to better secure business’ sensitive data.
Note: This post is part of our extensive coverage of Verizon's Data Breach Investigations Report 2024, detailing the top cybersecurity threats faced by governmental, non-profit, and corporate organizations.