An alarming rise in ransomware breaches, greater than the past five years combined, is among the findings in the Verizon Business 2022 Data Breach Investigations Report (2022 DBIR).
Organised crime continues as a pervasive force in cybersecurity. Roughly four in five breaches can be attributed to organised crime. Outsiders are about four times more likely to cause breaches in an organisation than insiders.
Hans Vestberg, CEO and Chairman, Verizon, said: “Over the past few years, the pandemic has exposed a number of critical issues that businesses have been forced to navigate in real-time. But nowhere is the need to adapt more compelling than in the world of cybersecurity. As we continue to accelerate toward an increasingly digitised world, effective technological solutions, strong security frameworks, and an increased focus on education will all play their part in ensuring that businesses remain secure, and customers protected.”
People remain – by far – the weakest link in an organisations’ cyber defences. As for supply chain issues, it’s a trend also across cybersecurity. A majority, 62 percent of System Intrusion incidents came through an organisation’s partner. To request the 2022 DBIR visit the Verizon website.
Comment
Ben Jones, CEO and co-founder of Searchlight Security, says: “The continuing rise in ransomware attacks is the headline that many will take from the Verizon 2022 DBIR report today but the company itself has rightly put the emphasis on the four ‘key paths’ into organisation’s networks: credentials, phishing, exploiting vulnerabilities and botnets. Defending against these has become especially important as cybercrime has professionalised, with cybercriminals selling these access points online for others to exploit. These ‘access brokers’ monetise the foothold they have within organisations, without having to take any of the risk themselves. At the same time, they make defence much harder for organisations by potentially sharing a vulnerability in their network or supply chain with multiple adversaries.
“One way organisations can look to combat the cyber criminals that are selling access to their systems and facilitating attacks is to find them where they operate: on the deep and dark web. By monitoring marketplaces and forums for company credentials and vulnerabilities – or those of organisations in their supply chain – businesses can identify when and where they are at risk of attack. They can also monitor potential phishing sites or dark web traffic going to their organisation, which may indicate insider threat. Identifying the early warning signs of when your organisation is at risk will ultimately be more effective at stopping attacks like a ransomware attack than waiting for when the criminals have already gained or bought access to your systems.”
