Cybercriminals, hackers, and fraudsters are, if nothing else, adaptive. In a new study, the 2020 Verizon Data Breach Investigations Report, researchers identified the patterns and trends behind recent data breaches and attacks.
This year's report analyzed more than 32,000 security incidents, of which 3,950 were confirmed breaches—nearly double the number of breaches from the previous year. The majority of breaches (over 67 percent) were caused by credential theft and social attacks such as phishing and business email compromises.
Other findings include:
- 43 percent of breaches involved Web applications
- 25 percent involved phishing
- 22 percent of breaches was due to human error
- External actors accounted for 70 percent of data breaches, with organized crime accounting for 55 percent of these.
Human error: the equalizer
Data breaches triggered by human error are now as common as social breaches and more common than malware, according to the report. “One of the interesting things that we saw this year is the high percentage of breaches caused by human error,” says David Hylender, senior risk analyst at Verizon Business. “When you look at the breaches by industry, you’ll see that error was usually one of the top causes across the board.”
The report attributes the rise in breaches caused by human error partly to companies failing to enact proper security controls when migrating to a cloud-based infrastructure. “It’s very easy to set up storage in the cloud and start moving things but sometimes you’ll see databases that don’t even have a password and are entirely open to the internet,” Hylender notes. And in other cases, he adds, it may have been due to employees rushing and failing to observe security protocols.
Greater digital targets
Another vulnerability for many companies are Web applications. Industries that are becoming increasingly digital, such as healthcare, can expect cybercriminals to double down on their attacks. In fact, the number of confirmed data breaches in healthcare came in at 521, up from 304 in last year’s report. This number will surely rise as more healthcare organizations open patient portals and digital tools to better engage patients and members.
Web application attacks, stolen credentials, and miscellaneous attacks (e.g., compromised business emails) are among the most common ways for cybercriminals to gain access, says Hylender, who advises healthcare organizations to “look at what you’re currently doing to address those vulnerabilities and put the bulk of your security efforts into closing any gaps.”
The types of cyberattacks that companies are seeing in 2020 are likely to accelerate into the next year. Given that many companies rushed to set up online work capabilities without extensive planning, preparation, or vetting of tools, cybersecurity measures and protections will be more important than ever. “It may sound simplistic, Hylender says, “but a lot of the misconfigurations and errors that we see are due to carelessness, so paying attention goes a long way.”