Categories
Blog

6 Data breach truths unveiled by Verizon in DBIR Report 2024 

Home » Blog » 6 Data breach truths unveiled by Verizon in DBIR Report 2024 

6 Data breach truths unveiled by Verizon in DBIR Report 2024 

The recent 17th edition of the research report titled Data Breach Investigations Report by Verizon Business revealed many insightful facts on data breaches. The report is based on an analysis of 30,458 incidents and 10,626 confirmed data breaches across 94 countries.  

Through our blog, we will have a closer look at the report’s findings and what they mean for businesses worldwide. 

What are the key findings of the report? 

Here are the key findings of the report: 

Verizon data breach finding 1: 

Attackers continue to target application and software based vulnerabilities.  

Zero-day exploit based cyber-attacks certainly topped among the biggest cybersecurity challenges for businesses worldwide. As per the report, the exploitation of security vulnerabilities has increased by 180% (triple) from last year, especially, zero-day vulnerabilities like MOVEit.  

It has allowed the attackers to engage in account takeovers, maintain a foothold in the network, and engage in more serious attacks. Verizon has found that the increase in the exploitation of the vulnerabilities indicates towards the predicted rise in the number of supply chain attacks worldwide.  

Some of the most common methods utilized by attackers, as per the report, are as follows:

  • 90% = exploitation of vulnerabilities 
  • 80% – Backdoor or C2 exploits 
  • 75% – Extortion  
  • <40% – use of stolen credentials, ransomware, export data, password dumper & other methods

Verizon data breach finding 2:

The threat of ransomware remains rampant and steadily impacting businesses. 

The threat of ransomware has increased steadily over time, and businesses are more at risk of ransomware than they were before. They must proactively prepare themselves against the risk of ransomware and take steps to preemptively identify risks and gaps in security and awareness among their workforce across different levels of the organization.  

They must seek assistance from trusted cybersecurity experts who can not only help them identify the risks across their posture but also help them take the much-needed steps to bridge security and awareness gaps.  

“As per Verizon, 32% of all data breaches have been caused by, ransomware attacks.”

The research found that 1/3rd of all data breaches was ransomware with pure extortion attacks forming 9% of all the attacks affecting operations, finances, and reputation of 92% of all industries worldwide.  The research has also found that threat actors used web applications as the preferred vector for entry for ransomware attacks. 

Verizon data breach finding 3:

Human error continues to be one of the primary factors exploited by cybercriminals. 

Human element remains one of the primary factors that were exploited by threat actors with over 68% of the data breaches caused due to human errors. Attackers use social engineering methods like phishing to bait them into clicking malicious links or inputting their data to gain access to their networks.

“As per Verizon, in simulated phishing attacks, only 20% of users reported phishing.” 

Users took a median time of 21 seconds to click on a malicious link and a mere 28 seconds to input their data to a malicious website. The median time for users to fall for phishing was around 60 seconds.  

There is a rise in cyber-attacks due to persistent individual awareness gaps in organizations. Attackers are leveraging this break in the wall of security to engage in orchestrating cyber-attacks. For example, using a weak password to secure an account or unknowingly posting personal information online could be used by hackers to create phishing campaigns that are tailored based on the information.  

It calls for increased emphasis on building a culture for cybersecurity and raising awareness of security among individuals through security awareness training. Verizon’s report has highlighted that security vulnerabilities were accounted for in the human error equation.  The rise in security vulnerabilities and zero-day vulnerabilities was attributed to the lack of quality control measures that ensure periodical security testing of the applications and software for quicker patch management.   

“As per Verizon, it takes around 55 days for organizations to remediate 50% of critical vulnerabilities after their patch release.”

Verizon data breach finding 4:

Increased businesses were under data breach risk due to Third party exposure. 

As per the Verizon report, there was a rise in data breaches due to third-party exposure to security vulnerabilities or compromise of third-party vendors. 15% of all data breaches were due to third-party or vendor exposure it has increased by 68% since 2023. It means that increased businesses don’t have an effective mechanism in place for assessing and addressing third-party risk. It necessitates an effective assessment and strengthening of policies for vendors and third-party security risk management.   

Verizon data breach report finding 5:

Industrial impact.

Social engineering, System intrusion, and Exploitation of miscellaneous errors remain the common methods used by attackers in carrying out attacks in all industries, with the most common motive being financial.  Refer to the table below reflecting the findings specific to the analysis of the industrial impact of data breaches.  

Industry Threat Actors Motives Top Patterns Data stolen 
Accommodation and Food Services External (92%) Internal (9%) Multiple (1%)  Financial (100%)  92% of attacks were carried out through System Intrusion Social Engineering Basic Web Application Attacks  Credentials (50%) Personal (28%) Payment (19%) System (19%) Other (16%) 
Educational Services External (68%) Internal (32%)  Financial (98%) Espionage (2%)  90% of the attacks were orchestrated through System Intrusion, Social Engineering and Miscellaneous Errors Personal (83%) Internal (20%) Credentials (9%)  Other (18%)  
Financial and Insurance External (69%) Internal (31%)  Financial (95%) Espionage (5%) 78% of data breaches were orchestrated through System Intrusion, Miscellaneous Errors, and Social Engineering  Personal (75%) Bank (27%) Credentials (22%) Other (30%) 
Healthcare External (30%) Internal (70%) Financial (98%) Espionage (2%) 83% of the data breaches were carried out through Miscellaneous Errors, Privilege Misuse, and System Intrusion Personal (75%) Internal (51%) Credentials (13%) Other (25%) 
Information External (79%)  Internal (21%)  Financial (87%) Espionage (14%) 79% of the data breaches were orchestrated using System Intrusion, Basic Web Application Attacks and Social Engineering  Personal (45%) Credentials (27%) Internal (22%) Other (46%) 
Manufacturing External (73%) Internal (27%)  Financial (97%) Espionage (3%) 83% of the data breaches were carried out using System Intrusion, Miscellaneous Errors, and Social Engineering  Personal (58%) Credentials (28%) Internal (25%) Other (40%) 
Professional, Scientific and Technical Services External (75%) Internal (25%) Financial (95%) Espionage (6%)  85% of the breaches were orchestrated using System Intrusion, Miscellaneous Errors, and Social Engineering  Personal (40%) Credentials (38%) Internal (23%) Other (33%) 
Public Administration External (41%) Internal (59%) Financial (71%)  Espionage (29%)  78% of the breaches were carried out using System Intrusion, Miscellaneous Errors, and Social Engineering   Personal (72%) Internal (37%) Credentials (17%) Other (31%) 
Retail External (96%) Internal (4%)  Financial (99%) Espionage (1%)  92% of the breaches were carried out through System Intrusion, Basic Web Application Attacks and Social Engineering Credentials (38%) Payment (25%) System (20%) Other (31%)   

Verizon data breach report finding 6: 

Regional impact of data breaches 

The report shed light on the regional impact of data breaches in APAC, EMEA, and NA regions. Some common attacks and techniques deployed by attackers in the regions, were system intrusion, web application attacks, and social engineering.  Cybercriminals deployed these attacks and techniques in the majority of breaches in the APAC region (95%) and EMEA region (87%). Most breaches in the APAC and NA region were carried out by External threat actors, with most attacks having a motive of espionage, in contrast to the EMEA region, where over 49% of the breaches were caused by internal actors. 

Summary of findings in Verizon in DBIR Report 2024

  • One-third of all data breaches were ransomware, with pure extortion attacks being a 9% component of all attacks 
  • Ransomware was the top threat for 92% of industries 
  • 68% of breaches involved a human element (10,069 breaches), 32% Ransomware or Extortion (9982), 28% of breaches involved Errors (10,067), and 15% of breaches involved 3rd party and software vulnerabilities (7268) 
  • 20% of users reported phishing in a simulation, and 11% clicked on a malicious link 
  • The median time to click on the link is 21 seconds, and the input data is 28 seconds 
  • The median time for users to fall for phishing is less than 60 seconds 
  • The median cost of a Business Email Compromise was $50,000 in 2023 
  • Median loss due to ransomware and other extortion-based incidents was $46,000 
  • Breaches due to exploitation of vulnerabilities in third-party or vendor software were at 15% a 68% increase from last year 
  • 95% of breaches in the APAC region were caused due to system intrusion, social engineering, and web application attacks 
  • 87% of breaches in the EMEA region were caused by System Intrusion, Social Engineering, and miscellaneous errors 
  • 91% of breaches in the NA region were social engineering and basic web application attacks 
  • Half of the breaches in the EMEA region were carried out by internal threat actors 
  • Espionage attacks continue to dominate in the APAC region 

Threat actors of today are leveraging Machine Learning and AI based tools to maintain persistence in their attacks and launch more potentially dangerous attacks that could cause massive disruption. 

The rising threat of data breaches and ransomware is a warning sign for businesses to ready their defenses against ever-evolving threats with a preemptive assessment of security gaps and implementing best practices to build resilience against them.  

The good news is that SharkStriker provides a range of holistic services that are meant to help businesses kickstart their journey towards resilience.  

You can read the complete report here: 2024 DBIR Data Breach Investigations Report

Services

Experience end-to-end management
of statutory and regulatory compliance
through our dedicated service for compliance

Explore More >

Latest Post

All
Blog