Each year, Verizon researches the growing data breach and has been doing it for 13 years. So, let us look at the Verizon Data Breach Report for 2020.
This report is from 3,950 confirmed data breaches this year. Which is a 96% rise from last year’s 2,013 breaches.
Let’s take a look at more details of the Verizon Data Breach Report.
Stolen Credentials is Still at the Top
According to the report, stolen credentials is still the number one hacking tactic. And it’s already at the top spot for 4 years in a row.
Why? Because 80% of all breaches under the category of hacking involves two things. Brute force or the use of stolen credentials.
Then, the report says hacking has three main groups:
- those using stolen or brute-forced credentials
- those taking advantage of weaknesses
- attackers using backdoors and Command and Control or C2 functions
So, the major factor for stolen credentials is users reusing passwords.
Thus, making it clear that it is vital to have different passwords. Or use a password manager to make and store a complex password for each account.
Also, stolen credentials cause long-term damage. And this is not slowing down with today’s Malware focusing on credential theft.
As per the report, 17% of breaches that involved Malware focuses on this.
Credential stuffing is where attackers breach usernames or passwords for one service. Then they try these credentials with other services.
Thus, this is a growing cybersecurity concern as this proves to be effective. Because people reuse the same password with the services they use.
Then, according to Verizon, organizations experience billions of attempts per year. And the median number of attempts reached 922,331 a year.
Causes of Data Breaches
What are the causes of breaches? As per Verizon, these are the factors:
- Malicious actors are the major cause for data breaches with 70%. Then, 70% of these actors are external with 55% of them from organized criminal groups. And 30% of these actors are internal.
- Hacking is 45% involved in all breaches.
- Errors are only a 22% factor of these breaches.
- Social attacks like phishing also account for 22% of breaches. Phishing involving making fake websites, emails, text messages, and social media messages. Which is still effective because of the lack of proper digital knowledge.
- Malware being a 17% factor.
- Physical actions only a 4% cause. Like leaving USB sticks with sensitive data and whatnot.
Data Breach Victims and Motivation
According to Verizon’s report, 72% of data breach victims are large businesses. This includes financial services, online service companies, and brand names across many sectors.
Thus, users are the ones paying the price. With 58% of them having their data stolen, like:
- social security numbers
- phone numbers
- credit card numbers
- email add
- home addresses
- government ID numbers
Then, 86% of the time, the motivation behind these breaches are financial-driven. This is because attackers make a huge amount of money in selling breached data. They make money by:
- Draining financial accounts
- Fraudulent buys
- Holding systems hostage via ransomware
- Sending fake invoices
So, what’s your take on this report? What did you learn from Verizon’s Data Breach Report?
Rate this post: