23RD NOV 2023
The Verizon DBIR 2023 report provides a stark warning about the changing nature of cyber threats, emphasizing the need for organizations to prioritize identity security and adopt a unified approach to cybersecurity.
As attacks become more sophisticated, businesses must proactively strengthen their defenses to safeguard against evolving threats and protect.
Verizon's DBIR exposes the alarming rate at which cyber threats are evolving to manipulate people’s good nature. Pretexting, orchestrated social engineering, and business email compromise (BEC) have become common strategies, with the median theft amount for BEC skyrocketing to $50,000, according to data from the Internet Crime Complaint Center (IC3). Attackers are finding new ways to deceive victims, making it crucial for organizations to strengthen their defenses against these tactics.
Despite increased spending on cybersecurity, the report reveals that the industry is not adapting quickly enough to protect against advanced pretexting attacks. Merely doubling spending on training or relying on ineffective fake phishing emails is insufficient. Experts suggest adopting a proactive approach by assuming a breach will occur and implementing preventative measures. Implementing strong cybersecurity practices and gradually enforcing zero trust can enhance defense capabilities without requiring significant financial investments.
Pureversity has highlighted ten key takeaways from the report that shed light on the evolving threat landscape:
External attackers initiate 83% of breaches, primarily driven by financial gain. Organized crime groups are responsible for 80% of these breaches, often utilizing ransomware as their weapon of choice.
Financial services, information, public administration and manufacturing sectors are prime targets due to their critical role in delivering products and services.
84% of breaches involve social engineering attacks and business email compromise (BEC) strategies, with humans as the primary attack vector. Human error, social engineering, and misuse account for 74% of breaches. Last year’s DBIR report showed the figure to be even higher at 82%. But the year before that, only 35% of successful breaches started that way.
Insider attacks comprise 19% of breaches and pose significant challenges for organizations. AI and machine learning are crucial in detecting and mitigating insider threats.
System intrusion, basic web application attacks, and social engineering are the leading attack strategies. The latest Verizon DBIR reveals a significant shift in the causes of information industry breaches. Two years ago, basic web application attacks dominated, accounting for 39% of breaches and being 89% financially motivated. Additionally, phishing and BEC attacks were prevalent, with a financial motivation of 95%.
However, this year’s report shows a different landscape, with system intrusion, basic web application attacks, and social engineering now responsible for 77% of breaches, most of which are financially motivated. System intrusion has surpassed basic web application attacks as the top incident category.
Social engineering attacks, including BEC and pretexting, have nearly doubled, making up over 50% of all social engineering incidents. The 2022 Verizon DBIR revealed that social engineering attacks accounted for 25% of breaches. In 2021, BECs emerged as the second most prevalent form of social engineering, while misrepresentation experienced a 15-fold increase in the past three years.
95% of breaches are financially motivated, dispelling the notion of widespread nation-state espionage. Financial gain is now the primary motivation for cyberattacks, surpassing corporate espionage and revenge attacks.
Ransomware incidents have surged, constituting 62% of breaches this year. Average ransomware payouts have more than doubled in the past two years, with financial services and manufacturing industries being hardest hit. The median cost per ransomware incident has doubled to $26,000 in the past two years, with 95% of incidents resulting in losses between $1 and $2.25 million.
Exploitation of Log4j vulnerabilities exemplifies attackers’ opportunistic nature, underscoring the importance of swift response and vulnerability management.
Financial and insurance industries are most vulnerable, with 74% of breaches involving compromised personal data.
Verizon's report emphasizes the necessity for organizations to revamp their cybersecurity strategies. They must address human factors, such as insider threats while staying ahead of rapidly evolving attack strategies. It is crucial to cultivate a cybersecurity culture that extends beyond IT departments and promotes constant adaptation to emerging threats. Vigilance, resilience, and comprehensive defense measures are key to mitigating the growing risks cybercriminals pose.
