Unveiled on June 6, 2023, the 16th Annual Verizon Data Breach Investigations Report was released. The findings are eagerly awaited and highly valued in the cybersecurity sector, thanks to its grounding in real-world data and in-depth analysis.
The 2023 edition of the report is constructed from a robust dataset, comprised of 16,312 incidents occurring between November 1, 2021, and October 31, 2022. These incidents led to a total of 5,199 global data breaches and spanned 10 key industries, as well as mid-sized enterprises. Rather than offering surface-level statistics, the report delves into the intricate details—the “hows” and “whys”—behind these incidents and breaches. It aids organizations in fortifying their cyber defenses by aligning its insights with the Center for Internet Security (CIS) Critical Security Checks.
While the full report is a must-read, we’ve had our security experts highlight the most salient points for you.
Top 6 Findings from Verizon’s 2023 Data Breach Investigations Report:
This emphasizes the need for strong passwords, multi-factor authentication, and regular security awareness training for all users.
2. Human involvement continues to be a major variable, widely recognized as the most vulnerable element, in the occurrence of data breaches
Human involvement continues to be a major variable, widely recognized as the most vulnerable element, in the occurrence of data breaches.
The Verizon report reveals that human factors play a role in a staggering 74% of all data breaches. This not only encompasses social engineering tactics but also includes mistakes made by users, abuse of access privileges, and compromised login details.
External agents are implicated in 83% of data breaches, and a striking 95% of these incidents are driven primarily by financial motives. The leading methods used by attackers to infiltrate organizations consist of obtaining stolen credentials, engaging in phishing schemes, and exploiting security weaknesses.
3. Ransomware’s Persistent Threat
As highlighted in Verizon’s 2023 DBIR report, ransomware persists as a significant risk across organizations of varying sizes and sectors. It accounts for 24% of data breaches, a percentage that has remained stable compared to the previous year. Additionally, a notable 62% of all current incidents involving ransomware are perpetrated by organized crime actors, with 59% primarily driven by financial motives, signaling an ongoing upward trend.
A substantial 94% of ransomware incidents occur through system intrusions. Although the prevalence of ransomware has only seen a minor increase this year, its pervasiveness is such that it remains a persistent threat in 91% of industries, ranking among their top three concerns.
Interestingly, the recovery costs associated with ransomware have gone up, even though ransom demands have generally decreased. This could imply that smaller organizations are increasingly falling victim to these attacks. While ransom amounts may be negotiated down, the additional expenses stemming from potential IT infrastructure issues can elevate the total financial impact on the organization.
4. Financial Gain Remains the top reason for cyber-attacks
Even though state-sponsored attacks often dominate the news, financial incentives remain the primary catalyst for cyber-attacks. Recognizing these motives can better equip businesses to fend off the most prevalent threats.
5. Cryptocurrency Breaches Surge
The report notes a worrying 4x increase in breaches concerning cryptocurrencies. As the crypto wave rises, the importance of secure storage, like cold wallets and stringent encryption, becomes paramount.
Internet-Facing Servers at Risk: Such servers continue to be the most vulnerable point of attack. Regular patching and vulnerability assessments are essential. The persistent issue of the Log4J vulnerability further emphasizes the need for immediate action.
6. Email is the Favored Entry Point
Despite newer methods, email remains cyber criminals’ preferred gateway. The persistent prevalence of phishing and email attacks reinforces the need for enhanced email security measures and user training.
The 2023 Verizon DBIR presents critical insights that warrant attention and discussions. Data breaches pose a severe risk to an organization’s data confidentiality, integrity, and availability. The repercussions extend beyond reputational damage to complications involving regulatory compliance. This often occurs because cybersecurity initiatives aren’t keeping pace with digital transformation. Consequently, it’s essential for board members to prioritize security concerns.
As Multi-Factor Authentication (MFA) gains traction, stolen credentials remain a prevalent means of initial access to circumvent cyber defenses. Such data can be inexpensively purchased, or even freely acquired, from dark web marketplaces. This ease of access enables even technically inexperienced individuals to participate in cyber-attacks.
Ransomware continues to dominate the cybersecurity landscape, a trend amplified by the Ransomware-as-a-Service (RaaS) model that makes it both easy and lucrative for attackers. Preemptive legal and technical measures are essential to counter the continually evolving strategies of ransomware assailants. The rising prominence of cryptocurrencies has also made them an attractive target, with attackers leveraging browser extensions and mobile apps as conduits for their activities.
With these insights in hand, you can better navigate the complex world of cyber threats and bolster their defenses accordingly.