1 minute read
barr's Verizon dbir analysis
Read our summary of the 2023 Verizon Data Breach Investigations Report (DBIR)—an annual report examining dominant trends in data breaches and cyberattacks throughout the world.
Key Trends
Advertisement
Stolen credentials, phishing, and exploitation of vulnerabilities are the top attack methods for gaining access to organizational systems.
The number of social engineering attacks has increased, with compromised business emails and ransomware leading the charge.
[Hack of the Quarter] MOVEit Attacks
The mass hack of the file transfer tool, MOVEit, has impacted more than 200 organizations and up to 17 5 million individuals as of July 2023 Multiple federal agencies are among those affected, including the Department of Energy, Department of Agriculture, and Department of Health and Human Services It’s believed the majority of schools across the U S have also been targeted by the hack
[Some Good News] Chat GPT’s New Privacy Feature
In March of 2023, OpenAI took ChatGPT offline for a few hours due to a breach that revealed the histories of direct personal identifiers. Since then, OpenAI released a new privacy feature. While issues like this are best avoided by addressing privacy risks during the design phase, creating new privacy features does signal to consumers the intent to do the right thing. Read more about the new feature from Manager of Attest Services
Julie Mungai
Did You Know?
The DBIR has industry-specific guides.
In case you work in, say, education, retail, or even food services, the DBIR has you covered. Their industryspecific guides show top trends along with data that organizations can use to advocate for security and compliance solutions. Take a look to read more about your industry stats and cybersecurity patterns.
Banks and exchanges have become prime targets for cyber criminals with four times the increase in cryptocurrency-based attacks compared to previous years.
The Log4j vulnerability, while initially concerning, was less prominent in breaches than anticipated but still requires attention.
Organizations of all sizes and industries remain vulnerable to ransomware.
Notable Statistics
Business email compromised attacks have almost doubled and represent more than 50% of incidents in the social engineering pattern.
74% of all breaches involve human error.
83% of breaches involve external actors.
Financial motive is the reason for 95% of breaches.
24% of reported breaches involve ransomware, which remains a significant threat.
More than 32% of all Log4j scanning activities occurred within just 30 days of its release.
