Content

Warning: Human error & social engineering join ransomware & DDoS threats

Social-engineering and pretexting attacks targeting finance and HR departments racked up nearly 1,500 incidents and resulted in just below 400 confirmed data breaches being reported. Meanwhile, losses due to human error and data loss due to misdelivery ranked second and fourth respectively, with DDoS, phishing and ransomware coming top, third and last to round out the top five action varieties in incidents overall.


Laurance Dine, managing principal, investigative response at Verizon told SC Media UK that: “Ransomware is the big change here, we've seen it move into critical systems and shutdown whole enterprises.


“Pretexting has seen enormous growth over the period too, and we've seen that develop from spoofing the CEO's account through to gaining control of legitimate high-value email accounts and using those as leverage to trick accounts departments or HR departments into wiring funds to the scammers. They're getting really good at this. In the US there is a trend in targeting HR departments directly to obtain details to conduct other fraud - we suspect this will go global in due course.


“The best defence against this is awareness, and that is growing within enterprises too, via training and simple things like a support team to phone and check potentially dubious transactions with. I always recommend picking up the phone to check requests for transactions, a secondary check.”


The figures are published in the 11th Verizon DIBR report, which includes contributions from US Secret Service, UK legal services firm Mishcon de Reya, UK insurer Chubb and the Irish Reporting and Information Security Service (IRISS CERT) among others.


An interesting stat from the report is that more than 20 percent of people in enterprises still click on at least one phishing campaign during a year. “The bad actors are getting better - it's not the Nigerian prince scam anymore - they're much more sophisticated now. The barriers to entry are very low - the initial costs are minimal, maybe a botnet to send emails or some insider information to gain access, and then once they're in the damage can be considerable”, warned Dine.


The researchers also noted that organised criminal groups continue to be behind around half of all breaches, while state-affiliated groups were involved in more than one-in-ten - unsurprisingly,  financial gain continues to be the top motivation for cyber-criminals across the board.

Related

DevSecOps Scanning Challenges & Tips

There are many ways to do DevSecOps, and each organization — each security team, even — uses a different approach. Questions such as how many environments you have and the frequency of deployment of those environments are important in understanding how to integrate a security scanner into your DevSecOps machinery. The ultimate goal is speed […]

It Should Be ‘Cybersecurity Culture Month’

It’s Cybersecurity Awareness Month, but security awareness is about much more than just dedicating a month to a few activities. Security awareness is a journey, requiring motivation along the way. And culture. Especially culture.That’s the point Proofpoint Cybersecurity Evangelist Brian Reed drove home in a recent appearance on Business Security Weekly.“If your security awareness program […]

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.