Verizon 2023 Data Breach Investigations Report

The annual Data Breach Investigations Report (DBIR) from Verizon is out for 2023! The summary of findings explains that social engineering attacks are often very effective and lucrative for cybercriminals. Also, business email compromise has almost doubled and represents more than 50% of incidents. 74% of all breaches include the human element, with people being involved either via error, privilege misuse, use of stolen credentials or social engineering. The three primary ways in which attackers access an organization are stolen credentials, phishing and exploitation of vulnerabilities.

The complete 2023 DBIR, as well as an executive summary, is available on Verizon’s DBIR resource page.

This year the DBIR team analyzed 16,312 security incidents, of which 5,199 were confirmed data breaches. On page 4, the report explains who a threat actor is and what tactics and actions are referenced throughout the report. The report distinguishes incidents from breaches, using the following definitions.

  • An incident is defined as a security event that compromises the integrity, confidentiality or availability of an information asset.
  • A breach is an incident that results in the confirmed disclosure (not just potential exposure) of data to an unauthorized party. A Distributed Denial of Service (DDoS) attack, for instance, is most often an incident rather than a breach, since no data is exfiltrated. That doesn’t make it any less serious.

Classification Patterns

The report breaks down incidents into 8 classification patterns.

System Intrusion – 3,966 incidents, 1,944 with confirmed data disclosure. Ransomware continues to dominate and uses a variety of tools.

  • These are complex attacks that leverage malware and/or hacking to achieve their objectives, including deploying Ransomware.

Social Engineering – 1,700 incidents, 928 with confirmed data disclosure. Phishing and Pretexting continue to dominate.

  • This attack involves the psychological compromise of a person that alters their behavior into taking an action or breaching confidentiality.

Basic Web Application Attacks – 1,404 incidents, 1,315 with confirmed data disclosure. These breaches and incidents tend to be largely driven by attacks against credentials, with the attackers then leveraging those stolen credentials to access a variety of different resources.

  • These attacks are against a Web application, and after the initial compromise, they do not have a large number of additional actions. It is the “get in, get the data and get out” pattern.

Miscellaneous Errors – 602 incidents, 512 with confirmed data disclosure

  • Incidents where unintentional actions directly compromised a security attribute of an information asset fall into this pattern. This does not include lost devices, which are grouped with theft instead.

Denial of Service (DoS) – 6,248 incidents, 4 with confirmed data disclosure. This type of threat continues to dominate and has remained in the top spot of incidents for several years.

  • These attacks are intended to compromise the availability of networks and systems. This includes both network and application layer attacks.

Lost and Stolen Assets – 2,091 incidents, 159 with confirmed data disclosure.

  • Incidents where an information asset went missing, whether through misplacement or malice, are grouped into this pattern.

Privilege Misuse – 406 incidents, 288 with confirmed data disclosure. Employees continue to use their access to commit breaches.

  • These incidents are predominantly driven by unapproved or malicious use of legitimate privileges.

Everything Else – Covers all incidents that don’t fit the other patterns.

Industry Highlights

Educational Services – 497 incidents, 238 with confirmed data disclosure.

  • Top patterns: System Intrusion, Miscellaneous Errors and Social Engineering represent 76% of breaches
  • Threat actors: External (72%), Internal (29%), Multiple (1%), Partner (1%) (breaches)
  • What is the same? System Intrusion and Miscellaneous Errors are yet again two of the top three patterns for this industry. The ratio of External and Internal actors is nearly the same as last year.

Healthcare – 525 incidents, 436 with confirmed data disclosure. This sector is highly targeted by ransomware attacks.

  • Top patterns: System Intrusion, Basic Web Application Attacks and Miscellaneous Errors represent 68% of breaches
  • Threat actors: External (66%), Internal (35%), Multiple (2%) (breaches)
  • What is the same? The top three patterns remain the same, although the order has changed. Internal actors making mistakes continue to trouble this sector.

Public Administration – 3,273 incidents, 584 with confirmed data disclosure.

  • Top patterns: System Intrusion, Lost and Stolen Assets, and Social Engineering represent 76% of breaches.
  • Threat actors: External (85%), Internal (30%), Multiple (16%) (breaches)
  • What is the same? This sector continues to be targeted by Financially motivated external threat actors as well as spying Nation-states that are interested in what their rivals are doing. Personal data remains the most often stolen data type.

Attribution: Verizon 2023 Data Breach Investigations Report. As stated in the report, it is permitted to include statistics, figures and other information from the report. Exact quotes are permitted. (Page 6)

Download the full report: verizon.com/dbir
