The recently published 2016 Data Breach Investigations Report by Verizon Enterprise reports that cybercriminals continue to exploit human nature, relying on familiar attack patterns such as phishing and increasing their reliance on ransomware, in which data is encrypted and a ransom is demanded in return for its release.  The report, now in its ninth publication, notes that “no locale, industry or organization is bulletproof when it comes to the compromise of data.”

A press release by Verizon Enterprise notes that the report highlights recurring themes from prior years’ findings and storylines that continue to play off of human nature, including:

  • 89% of all attacks involve financial or espionage motivations.
  • Most attacks exploit known vulnerabilities that have never been rectified despite patches being available for months, or even years.  In fact, the top 10 known vulnerabilities accounted for 85% of successful exploits.  In other words, these events could have been avoided if the companies had monitored for patch updates and deployed them in a timely manner.
  • 63% of confirmed data breaches involve using weak, default, or stolen passwords.
  • 95% of breaches and 86% of security incidents fall into nine common patterns.
  • Ransomware attacks increased by 16% over 2015 findings.

This year’s report calls out the rise of a new three-step attack that is being repeated by cybercriminals.  Many organizations are falling prey to this type of attack, which consists of:

  • Sending a phishing email that contains a malicious attachment or a link that directs the user to a malicious website.
  • Downloading malware onto an individual’s computer to establish the initial foothold, providing an open door for additional malware to be loaded that in turn looks for secrets and internal information to steal (cyberespionage) or encrypts files for ransom.  Frequently, the malware steals credentials to multiple applications through keystroke logging.
  • Use of the victims’ credentials to enable further attacks, including logging into third-party websites such as banking or retail sites.

Indeed, according to the report, it took hackers only minutes or less to compromise systems in 93% of the 2,260 breaches that Verizon analyzed, and the infiltrators were able to extract data from the system within days in more than 98% of the incidents.  By contrast, the targets of these breaches didn’t find out they’d been breached for weeks or more in 83% of the cases, with the notification usually coming from law enforcement or some other external source.

The report also provides advice to help companies avoid costly data breaches, including recommendations to:

  • Know what attack patterns are most common for your industry.
  • Utilize two-factor authentication for your systems and other applications, such as popular social networking sites.
  • Patch promptly.
  • Monitor all inputs, including reviewing all logs to help identify malicious activity.
  • Encrypt data – If stolen devices are encrypted, it’s much harder for attackers to access the data.
  • Train staff – Developing security awareness within your organization is critical, especially with the rise in phishing attacks.
  • Know your data and protect it accordingly.  Also limit who has access to it.

Beginning on May 3, Troutman Sanders will be hosting a webinar entitled “Data Breach Litigation: How to Avoid It and Be Better Prepared for Defense,” as part of its Consumer Financial Services Webinar Series.  The webinar will be hosted by Troutman Sanders partner Ronald Raether and Andrea Hoy, virtual CISO and CEO of A. Hoy & Associates, and will focus on the importance of companies understanding what circumstances give rise to and will sustain a lawsuit.