Verizon just released its annual Data Breach Investigation Report for 2022. Some highlights include the most targeted industries, the role of human error, insight on social engineering and the devastating impact that insider risk poses to your organization. The report also reveals email as a significant attack vector, and the preferred method for delivering malicious payloads. Ransomware is becoming a protracted security challenge, so too is the role of supply chains and the risk posed by misconfiguration.
Keep reading for key findings from the report.
Industries and attacks vectors
Top 3 industry verticals that suffered a breach. Finance, Professional Services and Healthcare suffered the highest proportion of breaches for the year.
Human error remains a significant breach risk factor. 82% of breaches involved the human element – either due to compromised credentials, phishing, misuse or error.
Securing end-users and systems should be prioritized equally. The 4 main paths to a breach include:
- Credential compromise
- Phishing
- Exploiting vulnerabilities
- Botnets
Top 2 targeted IT assets. Web applications (56% of breaches) and mail servers (28%) are the two most targeted IT assets by threat actors.
Social engineering, insider risk and attack motivations
Social engineering attacks are growing in complexity. Phishing (+60%) remains the dominant method for executing social engineering attacks, followed by the use of stolen credentials (+30%) and pretexting (27%).
Protecting against threat actors is a complex challenge. External threat actors account for 80% of breaches, and insiders 20%.
Insider breaches are the most devastating from a records exposure perspective. Insider breaches result in 10:1 more compromised records being exposed than external breaches do.
Money heist. Financial or personal gain is the key motive for over 80% of external threat actors.
Email is a significant attack vector
Email is the most preferred channel for threat actors. Email remains the #1 delivery mechanism for malware, including ransomware.
Email attracts the greatest investment in the attacker value chain. Email development, email addresses and email distribution see the highest share of investment from threat actors for carrying out a breach.
Office docs are the preferred trojan horse. Office docs are the preferred file for delivering malicious payloads, usually delivered via email.
BEC attacks come in different flavors. Phishing was responsible for 41% of BEC attacks, while credential theft was responsible for 43%. And pretexting, a component of phishing, is becoming increasingly prominent, responsible for 27% of social engineering breaches.
Don’t take solace in low phish rates. Even low phish rates of less than 3% can have devastating impacts on large organizations in terms of total records compromised.
Additional key findings
Ransomware attacks are trending in the wrong direction. The scourge of ransomware is accelerating at an unprecedented pace, up 13% YoY, representing the equivalent annual increase of the past 5 years combined.
The integrity of supply chains is in sharp focus. Supply chains are responsible for 62% of system intrusions.
As IT complexity increases so too does misconfiguration risk. In a cloud based world, misconfiguration remains a mainstay vulnerability, responsible for 13% of breaches.
To see how Tessian prevents ransomware attacks, and protects against DLP, watch a product overview video or book a demo.
For the latest cybersecurity news and articles, sign up for our newsletter, and follow us on Twitter and LinkedIn