The “Verizon 2020 Data Breach Investigations Report” (DBIR) recently revealed that money is still the number one motivation for cyber attacks.
The researchers analyzed 32,002 security incidents that led to the disclosure of information assets. Of these incidents, 3,950 were data breaches, meaning incidents that resulted in confirmed disclosure of data to unauthorized parties.
The report is very long. We have selected some highlights and findings as follows:
- 70% of data breaches are committed by external actors (except for the healthcare industry, where 51% are external and 48% are internal)
- 86% of breaches were economically motivated
- 55% of breaches were carried out by organized criminal groups
- 72% of data breaches involve large enterprises
The majority of data breaches (67% or more) are caused by credential theft, social attacks (phishing, business email compromise, counterfeiting), and personnel errors (mainly misconfiguration and sending files and emails to the wrong recipients). Another interesting finding is that attacks on web applications accounted for 43% of all breaches, more than double last year's figure.
The most common methods of attacking web applications are using stolen or brute-forced credentials (over 80%) or exploiting vulnerabilities in web applications (less than 20%) to gain access to sensitive information.
Less than 5% of breaches involve exploits, and it seems that most organizations do a good job of patching, at least when it comes to known vulnerabilities. Most malware is still delivered via email, and the rest is delivered via web services. Although it accounts for only a small part of all incidents, economically motivated social engineering is increasing. This year, about 22% of vulnerabilities involve cloud assets, while the rest involve local assets.