NEW YORK — It’s no secret that cyber crime is everywhere these days, but a study conducted by Verizon found a shift in tactics hackers are using to breach data security systems.
According to the Verizon 2017 Data Breach Investigations Report (DBIR), cyberespionage has taken over as the most common type of cyber crime in the manufacturing sector, the public sector, and education.
More individuals and organizations are proliferating proprietary research, prototypes of products, and confidential personal data, which are all high-value targets for hackers and cyber criminals.
Of the 2,000 cyber security breaches analyzed in the report, about 300 of them were cyberespionage, many of them carried out using phishing emails.
“Insights provided in the DBIR are leveling the cybersecurity playing field,” said George Fischer, president of Verizon Enterprise Solutions. in a Verizon news release. “Our data is giving governments and organizations the information they need to anticipate cyberattacks and more effectively mitigate cyber-risk. By analyzing data from our own security team and that of other leading security practitioners from around the world, we’re able to offer valuable intelligence that can be used to transform an organization’s risk profile.”
The report found that 51% of the data breaches analyzed involved malware. Ransomware became the fifth-most common malware form, increasing in usage by 50% compared to last year.
Forty-three percent of the data breaches in the DBIR utilized phishing at some point in the process. Phishing techniques involving software installation are by far the most common.
Those working in the financial industry and who have access to money transfer information were targeted by pretexting schemes at a higher rate this year. Eighty-eight percent of pretexting data breaches utilized email as the main communication conduit.
The report found that 61% of data breach victims were businesses that employed less than 1,000 employees.
Businesses and individuals were encouraged to rely on people as their first line of defense, integrate vendor risk management programs, to stay vigilant on log files and change management systems that can give early warning signs of data breaches.
The DBIR has now been produced annually for ten years. This year’s report shows analysis on 42,068 incidents and 1,935 breaches from 84 countries.