$40 million stolen from the Binance cryptocurrency exchange yesterday by cybercriminals. Hackers infiltrating hundreds of Amazon merchant accounts late last year. The ongoing impact from the massive 2017 Equifax data breach exposing more than 148 million records.
The hit parade of cybersecurity breaches never lets up in this global, always-on, online world.
Verizon’s 2019 Data Breach Investigations Report (DBIR) provides insight from 41,686 security incidents and 2,013 data breaches provided by 73 data sources, both public and private, covering 86 countries. We’ve got some leading cybersecurity experts to help provide a perspective.
Adam Laub, SVP of Product Management, STEALTHbits Technologies said, “The 2019 Verizon Data Breach Investigations Report did not disappoint in terms of providing an interesting and captivating analysis of the past year’s data breach happenings. While there didn’t appear to be any particularly shocking findings with regards to attack TTPs, motives, industry statistics, or attack timelines, the 2019 DBIR again delivered the message – perhaps indirectly – that the absence of foundation-level and layered security controls, internal security discipline, and general security awareness are the common denominators in the data breach dilemma.”
Data breach report highlights
Verizon’s investigation showed 69% of data breaches were by outsiders and a surprising 34% involved insiders. Organized criminal groups were behind 39% of events and 23% were identified as “nation-states.”
The variety of attacks was wide-ranging, including hacking (52%) and social media attacks (33%). 71% of the attacks were financially motivated, while 25% were identified as espionage.
“The vast majority of security tools focus on user endpoints – laptops, desktops, mobile. But 80-90% of current incidents involve corporate servers, whether on-premises or in the cloud. Analysts like Gartner are stressing that user endpoint security tools are not effective in protecting servers or cloud workloads – in fact, they are dangerous because they provide a false sense of security. Server-side security requires much more attention,” said Satya Gupta, CTO and Co-founder of Virsec.
The report also noted, “Payment card web application compromises are well on their way to exceeding physical terminal compromises in payment card-related breaches.”
Who got hacked?
Verizon said 43% of the victims were small businesses, while others included the public sector (16%), healthcare (15%), and the financial industry (10%).
Michael Magrath, Director, Global Regulations & Standards at OneSpan said, “The use of stolen credentials on banking applications remains common. The authors, like most security experts, recommend multifactor authentication to combat this vector of attack. Until strong customer authentication is mandated through regulation, hackers will continue to steal login credentials. However, with secure, frictionless authentication solutions becoming commonplace, the use of stolen credentials is expected to significantly drop in future reports.”
C-suite executives were also a notable target: these leaders were twelve times more likely to be the victim of social incidents and nine times more likely to be the target of social breaches than in previous years.
“The two most significant trends that stick out to me are the increased targeting of C-level executives and the need for standardization and visibility within organizations. The drastic increase in social attacks on C-level personnel points to the increased demand for cybersecurity awareness in the C-suite. More and more we are seeing information security leaders brought into business side discussions to provide cyber-focused insights and feedback on business strategy. The flywheel effect at work – involvement of cyber leaders and increased awareness in the executive suite – has an ongoing positive effect, a necessary change given that personnel, as well as systems, are under attack,” said George Wrenn, CEO of CyberSaint Security.
The Verizon 2019 Data Breach Investigations Report is valuable reading for executives concerned with cybersecurity. You can read the Executive Summary here for further insight.