The latest roundtable discussion from Security on Screen analyses the Verizon Business Data Breach Investigations Report (DBIR) and how the most common forms of cyber attack have affected the international security landscape during the global pandemic.
This year’s Verizon Business Data Breach Investigations Report saw 5,258 breaches from 83 contributors across the globe, a third more breaches analysed than last year. The report detailed that with an unprecedented number of people working remotely, phishing and ransomware attacks increased by 11% and 6% respectively, with instances of Misrepresentation increasing by 15 times compared to last year.
In addition, breach data showed that 61% of breaches involved credential data (95% of organisations suffering credential stuffing attacks saw between 637 and 3.3 billion malicious login attempts over the year). It also highlighted the challenges facing businesses as they move more of their business functions to the cloud, with attacks on web applications representing 39% of all breaches.
“The COVID-19 pandemic has had a profound impact on many of the security challenges organisations are currently facing,” said Tami Erwin, CEO, Verizon Business. “As the number of companies switching business-critical functions to the cloud increases, the potential threat to their operations may become more pronounced, as malicious actors look to exploit human vulnerabilities and leverage an increased dependency on digital infrastructures.”
The DBIR also included detailed analysis of 12 industries, and showed that, while security remains a challenge across the board, there are significant differences between verticals. For example, in the Financial and Insurance industries, 83% of data compromised in breaches was personal data, whilst in Professional, Scientific and Technical services only 49% was personal data.
To comment on these results, Mark Bower, Senior Vice President of Sales, North America, comforte AG says: “The numbers don’t lie: 83% of breaches in the financial and insurance sector involved personal data, more than any other sector. With regulatory changes oriented around fresh data privacy requirements and pending NACHA compliance enforcement over payment and personal data, modern data privacy compliance has to be a top agenda item as the sector continues its cloud-transformation journey, collecting more powerful yet regulated data than ever in the process.”
“Ransomware continues to be a pervasive scourge on organisations of all verticals,” adds Chris Clements, VP of Solutions Architecture, Cerberus Sentinel. “The meteoric rise of cryptocurrency has effectively, if inadvertently, monetised every network in the world for cybercriminals. Their continued success in extorting victims across the globe has provided these criminal operations with budgets that are larger than those of most of the organisations they target.
“These budgets allow them to acquire talented hackers as well as custom zero-day exploits that make them incredibly successful in quickly compromising entire computer networks. With these resources, often all that is necessary for these attackers to succeed is for a single successful phishing email to land or for them to acquire one compromised account password.”
Alex Pinto, Lead Author of the DBIR, comments, “When you read the contents of the report, it is tempting to think that a vast array of threats demands a sweeping and revolutionary solution. However, the reality is far more straightforward. The truth is that, whilst organisations should prepare to deal with exceptional circumstances, the foundation of their defences should be built on strong fundamentals – addressing and mitigating the threats most pertinent to them.”
James McQuiggan, Security Awareness Advocate at KnowBe4 adds: “Organisations will need to continue to take the necessary steps to increase security awareness training. Still, the gap between awareness and action to protect the organisation is the next step of improving the organisation’s security culture and having cybersecurity on the mind of all users.”
Clements concludes: “To remain secure in today’s threat landscape, organisations must adopt a culture of security, starting with the awareness that every business is actively targeted by cybercriminals on a daily basis and that, absent this cultural approach, they can suffer potentially catastrophic damages stemming from loss of operations, data theft, ransomware, and reputational harm.
“This cultural process starts with education and awareness initiatives targeted at all personnel roles, from executive leadership to line-of-business employees, so that they understand their role in protecting the organisation. Further, adoption of security hardening best practices, ongoing monitoring for suspicious behaviour, and regular testing to ensure that no gaps have been missed are critical for surviving modern threat actors.”