Cyber Espionage & Ransomware Attacks are Increasing, Verizon’s Study on Data Breach Finds

Cyber espionage or cyber spying is the most common form of attack targeting mainly the public sector, manufacturing companies as well as education sector. This is according to Verizon’s latest annual investigative report on data breaches.

The report analyzed about 2,000 data breaches globally, identifying over 300 as espionage-related.

The report also discovered that there is a 50% rise in ransomware attacks over the last year. More than 50 percent of the breaches analyzed used malware, with ransomware becoming the fifth most common form of attack.

“While ransomware dates back to 1989, in the past year we have seen more technical and process innovation in ransomware than we have seen since the invention of Bitcoin-enabled anonymous payments. Fuelled by the success of early attacks, the number of ransomware incidents increased to 228 in this year’s report from 159 in the 2016 DBIR,” the report says.

The top 3 industries that were targeted by data breaches were healthcare, financial services as well as the public sector, representing 15 percent, 25 percent and 12 percent of the breaches reviewed, respectively, the report claims.

The report also discovered that about 7 out of 10 healthcare malicious actors were inside the targeted organization.

Not only large organizations are targeted – but in the latest report it was found that over 60 percent of the victims analyzed were businesses with less than 1,000 employees.

Unsurprisingly, the report also found that lax security practices are a major vulnerability for businesses. Over 8 out of 10 of the hacking-related breaches involved the use of weak or stolen passwords.

Verizon’s report, which includes a number of takeaways for specific industries, draws on collective data of breaches & incidents investigated by Verizon or its 65 partner organizations around the world.

“The cybercrime data for each industry varies dramatically,” Bryan Sartin, the executive director of Global Security Services at Verizon Enterprise Solutions, said.

“It is only by understanding the fundamental workings of each vertical that you can appreciate the cyber security challenges they face and recommend appropriate actions.”

“Our report demonstrates that there is no such thing as an impenetrable system, but doing the basics well makes a real difference,” he said. “Often, even a basic defense will deter cyber criminals who will move on to look for an easier target.”