Report finds 90% of data breaches are financially motivated
Verizon's Data Breach Investigation Report also found web application breaches rose 43% year-on-year
Based on a study of 32,002 incidents and 3,950 confirmed incidents across 81 countries, the report also highlighted a 43% spike in web application breaches.
According to those surveyed, financially motivated breaches accounted for 91% of cyber security incidents in Northern America, compared to 70% of breaches Europe, the Middle East and Africa and 63% in the Asia Pacific region. In North America, 79% of hacking breaches leveraged stolen credentials in their attacks, while 33% of breaches employed phishing or pretexting techniques.
In Europe, the Middle East and Africa, over 80% of malware incidents pointed to denial of service (DoS) attacks while 40% of breaches used a combination of techniques to target vulnerable web applications. Another 14% of breaches have been associated with cyber-espionage.
Alex Pinto, lead author of the report commented: “Security headlines often talk about spying, or grudge attacks, as a key driver for cyber crime - our data shows that is not the case. Financial gain continues to drive organized crime to exploit system vulnerabilities or human error.
"The good news is that there is a lot that organizations can do to protect themselves, including the ability to track common patterns within cyber attack journeys - a security game-changer - that puts control back into the hands of organizations around the globe.”
The 2020 DBIR also took note of a 43% increase in web application breaches, double the number reported in 2019. In 80% of these cases, threat actors used stolen credentials to carry out their campaigns. Cases of ransomware also grew by 3% to account for 27% of all malware attacks, and 18% of businesses reported they blocked at least one ransomware attack in 2019.
Tami Erwin, CEO of Verizon Business, warned: "In addition to protecting their systems from attack, we urge all businesses to continue employee education as phishing schemes become increasingly sophisticated and malicious."
Four cyber security essentials that your board of directors wants to know
The insights to help you deliver what they needDownload now
Data: A resource much too valuable to leave unprotected
Protect your data to protect your companyDownload now
Improving cyber security for remote working
13 recommendations for security from any locationDownload now
Why CEOS should care about the move to SAP S/4HANA
And how they can accelerate business valueDownload now