A recently conducted research by an American multinational telecommunications conglomerate looks at more breaches than ever and highlights the effects on the international security situation amid the worldwide epidemic of the most frequent forms of cyber-attacks. The report for this year identified 5,258 infringements by 83 contributors worldwide, a third more than last year.
With a never before seen quantity of remote workers, phishing and ransomware attacks climbed respectively by 11% and 6%, with cases of misrepresentation growing fifteen times in comparison with last year.
Analysis of the breach data showed that 61% of breaches included credentials data (95 percent of organizations suffering credential stuffing attacks had between 637 and 3.3 billion malicious login attempts through the year).
The research also stressed the issues facing companies, with attacks on web applications constituting 39% of all breaches, as they transfer more of their business processes into the cloud.
The CEO of the organization that conducted the research remarked “The COVID-19 epidemic has had a significant influence on numerous safety concerns affecting enterprises today. As the number of business-critical enterprises transitioning to the cloud rises, the potential threat to their operations may increase as hostile actors exploit human vulnerabilities and rely on increasing dependence upon digital infrastructure.”
The improved report patterns account for 95.8% of the breaches studied and 99.7% of assessed occurrences throughout the period and should give customers a better grasp of and best preventable dangers.
Industries at the forefront
The report contains a detailed review of 12 industries and indicates that, while security remains an issue in general, vertical disparities remain considerable. For instance, 83 percent of data affected in breaches were personal data in the financial and insurance industries, but only 49 percent were personal data for professional, scientific, and technical services.
Further highlights include:
Financial and insurance – Malpractice accounted for 55 percent of mistakes in the banking sector. The financial sector is often confronted with foreign credentials and ransomware attacks.
Healthcare – This industry, as it has for numerous years now, is still affected by basic human error. Misdelivery, whether electronic or paper documents, is the most typical mistake (36%).
Public administration – The social engineer is by far the greatest threat in this industry. Actors who can produce a credible e-mail with a phishing credential are cowering in this sector at an alarming rate.
Retail trade – The retail sector is still a focus for financially motivated criminals who want to cash on the combination of payment cards and personal information known in this sector. Social methods include pretexting and phishing, which usually lead to fraudulent cash transfers.
Regional trends
The 83 contributors who participated in the report contributed particular insights into regional cyber trends that highlight major parallels and variances.
Asia Pacific (APAC) – Many of the breaches in APAC were perpetrated by financially motivated attackers who utilized these robbed credentials to get access to mail accounts and Web servers.
Europe, Middle East, and Africa (EMEA) – Basic online applications, system infiltration, and social engineering continue to attack EMEA.
Northern America (NA) – NA is typically the target of financially-motivated actors seeking money or data that may be easily monetized. The most favored tools used by actors in the area remain Social Engineering, Hacking, and Malware.
“When reading the content of the paper, a huge array of threats requires a comprehensive and revolutionary response” commented the head author of the research group. He added, “The truth, though, is far easier. The truth is that though organizations should be prepared to face unusual circumstances, they should build on solid foundations to handle and mitigate the most relevant dangers to them.”
To read more, please check eScan Blog
