Phishing, Ransomware Attacks on the Rise in 2021
With an unprecedented number of people working remotely, phishing and ransomware attacks increased by 11 percent and 6 percent respectively, with instances of Misrepresentation increasing by 15 times compared to last year. That’s according to the Verizon Business 2021 Data Breach Investigations Report, which shows data breaches are on the rise thanks to the impact of Covid-19.
Additionally, breach data showed that 61 percent of breaches involved credential data (95 percent of organizations suffering credential stuffing attacks had between 637 and 3.3 billion malicious login attempts through the year). The report also highlighted the challenges facing businesses as they move more of their business functions to the cloud – with attacks on web applications representing 39% of all breaches.
The report has examined more breaches than ever before and sheds light on how the most common forms of cyber-attacks affected the international security landscape during the global pandemic. It analyses 29,207 quality incidents, of which 5,258 were confirmed breaches from 83 contributors across the globe. It is a third more breaches analysed than last year.
As per the report, phishing and ransomware attacks increased by 11 per cent and 6 per cent respectively. Instances of misrepresentation increased by 15 times compared to last year.
Additionally, as per the analysis of breach data, 61 per cent of breaches involved credential data. 95 per cent of organisations that suffered credential stuffing attacks had between 637 and 3.3 billion malicious login attempts through the year, it said.
As businesses move to the cloud amid digital transformation, attacks on web applications have increased, representing 39 per cent of all breaches.
“The COVID-19 pandemic has had a profound impact on many of the security challenges organisations are currently facing,” said Tami Erwin, CEO, Verizon Business.
“As the number of companies switching business-critical functions to the cloud increases, the potential threat to their operations may become more pronounced, as malicious actors look to exploit human vulnerabilities and leverage an increased dependency on digital infrastructures,” added Erwin.
Regional trends
The report further traced certain regional trends based on the contributions. As per the trends, a significant number of breaches in the Asia Pacific (APAC) were caused by financially motivated attackers.
“Phishing employees for credentials, and then using those stolen credentials to gain access to mail accounts and web application servers,” it said.
Northern America (NA) was also often the target of financially-motivated actors searching for money or easily monetizing data. Social Engineering, Hacking and Malware continue to be the favoured tools utilized by actors in this region, as per the report.
Apart from this, Europe, West Asia and Africa (EMEA) countries continued to be beset by Basic Web Application Attacks, System Intrusion, and Social Engineering.
Anshuman Sharma, Principal Consultant, Investigation Response, Verizon said, “The COVID-19 pandemic has had a profound impact on many of the security challenges Indian organizations are currently facing. One of the main reasons for this is because many companies have switched their business-critical functions to the cloud.
In addition to remote-working, the potential threat to their operations has become more pronounced, as malicious actors look to exploit human vulnerabilities and leverage an increased dependency on digital infrastructures.”
Lockdowns have resulted in an unprecedented number of professionals working remotely, as a result, phishing and ransomware attacks have increased by 11 percent and 6 percent respectively, with instances of Misrepresentation increasing by 15 times compared to last year. With large parts of the country under lockdown and employees continuing to work remotely, a robust cyber security mechanism providing secure configuration to Enterprise assets, Account & Access Management and Security Skill & Awareness Training is the need of the hour.”
Cyber threats across verticals
As for cybersecurity of various industries, the report shared a detailed analysis of 12 industries. According to the report, “while security remains a challenge across the board, there are significant differences across verticals.”
For instance, 83 per cent of compromised data in the Financial and Insurance industries was personal data, whilst in Professional, Scientific and Technical services only 49 per cent was personal.
Furthermore, misdelivery represented 55 per cent of Financial sector errors. The Financial sector frequently faces credential and Ransomware attacks from External actors.
Misdelivery was also the most common error (36 per cent) in the healthcare industry. In Public Administration, the biggest threat by far is social engineering.
“Actors who can craft a credible phishing email are absconding with Credentials data at an alarming rate in this sector,” the report said.
The Retail industry continued to be a target for financially motivated criminals “looking to cash in on the combination of payment cards and personal information this sector is known for. Social tactics include pretexting and phishing, with the former commonly resulting in fraudulent money transfers,” as per the report.
Alex Pinto, the Lead Author of the DBIR, said, “When you read the contents of the report, it is tempting to think that a vast array of threats demands a sweeping and revolutionary solution. However, the reality is far more straightforward. Whilst organizations should prepare to deal with exceptional circumstances, the foundation of their defenses should be built on strong fundamentals – addressing and mitigating the threats most pertinent to them.”
