Verizon Data Breach Report Details How Threat Actors Commit Cybercrimes

Sophie Webster, Tech Times 23 May 2021, 03:05 am

cybersecurity — (Photo : Pixabay/B_A) Verizon data breach report

Verizon data breach report gives a glimpse into how fast cybercrime is changing to become more opportunistic, deceptive, and destructive to its victims.

Verizon data breach report details danger of cybercrime

Upswings in ransomware and phishing, as well as cloud and web application attacks, mark the computing landscape today.

Events like the recent Colonial Pipeline hack show the increased role that threat actors play as they reinvent themselves to exploit the weaknesses of the system, according to Venture Beat.

Verizon's Data Breach Investigations Report for 2021 finds the world's threat actors have one thing in common, and that is their craving for cash. Cloud apps, phishing, and ransomware are where the digital transformation starts.

Also Read: Apple Ransomware Attack: Hackers Hit Manufacturer, Demanding Money in Exchange for Stolen Files

The recent breaches usually start with social engineering techniques that are made to get buy-in from busy end users. That is the first step in accessing privileged credentials, delivering ransomware, or finding other vulnerabilities across a network.

Threat actors know any breach strategy in the cloud depends on getting social engineering right.

Verizon found that 85% of the breaches involve a human element, which threat actors prefer by a 24% margin over breaches involving credentials.

The company also found a connection between the increase in social engineering breaches and cloud-based email servers being compromised. That is because emails are being minded for privileged credentials and used for mass mailings of phishing attempts and ransomware delivery, the National Law Review noted.

Into the data breach

These days, threat actors usually combine technologies and techniques in their strategies to breach an organization.

That is according to the report, which is based on 79,635 incidents, of which 29,207 met Verizon's quality standards and 5,258 were confirmed data breaches.

Verizon sampled from 88 countries around the world for the study.

Threat actors tend to concentrate on the following strategies: according to Verizon the cloud is the cornerstone of threat actors' digital transformation strategies. Today, 39% of all breaches are in the cloud and web-based applications.

Also, web application attacks are 80% of hacking-based breaches today. Threat actors favor web application attacks because it only takes a few steps to get greater access to email and web application data.

Verizon finds that web application breaches often lead to email and web application data being stolen and repurposed for malware distribution, as well as asset and application defacement.

The study also pointed out that ransomware is now the third leading cause of breaches, more than doubling in frequency from last year, and appearing in 10% of all breaches.

As for phishing, it accounted for 36% of all breach actions in 2020, up from 25% in 2019.

Bad actors relied heavily on phishing in 2020, usually creating fraudulent emails offering COVID-19 related health care supplies, protective equipment, and fictitious treatments.

The company also found that phishing grew as a misrepresentation strategy when the worldwide stay-at-home order went into effect.

Verizon's research further disclosed that public administration organizations led all industries in breaches in 2020. Threat actors rely primarily on social engineering to create credible-looking phishing emails to steal access credentials.

The entertainment industry experienced the greatest amount of overall activity, with 7,065 incidents and 109 breaches, followed by public administration, with 3,326 incidents and 885 breaches.

Threat actors targeted entertainment using social engineering to commit ticket fraud, intercept online payments, and combine phishing and ransomware to divert cash from companies in this industry.