Ransomware, phishing and pretexting are on the rise: Verizon
Ransomware and social attacks have been the big stars in the past year when it comes to cybersecurity, according to the latest edition of Verizon’s popular yearly report.
Drawing from datasets aggregated from 67 other organizations, including 53,308 security incidents and 2,216 data breaches, Verizon’s 2018 Data Breach Investigations Report shows that ransomware was the most common type of malware reported. Of 1,379 malware incidents, 56 percent involved ransomware.
Verizon notes that it first mentioned ransomware in its 2013 report and predicted that it would flourish because of how effective it is for cybercriminals.
“Now we have seen this style of malware overtake all others to be the most prevalent variety of malicious code for this year’s dataset. Ransomware is an interesting phenomenon that, when viewed through the mind of an attacker, makes perfect sense,” the report says.
Ransomware is seen as so effective, Verizon says, because it can be attempted with little risk to the attackers, doesn’t require them to monetize stolen data and can have a larger impact when deployed against large organizations like corporations or local governments.
“It is now the most prevalent form of malware, and its use has increased significantly over recent years,” said Bryan Sartin, executive director of security professional services at Verizon, in a press release. “What is interesting to us is that businesses are still not investing in appropriate security strategies to combat ransomware, meaning they end up with no option but to pay the ransom – the cybercriminal is the only winner here!”
Verizon says that the human element is one of the main weaknesses that open organizations up to any kind of attack. Social engineering tactics like phishing and pretexting represent 93 percent of the breaches the report observes. Pretexting, Verizon explains, is like phishing but involves more of a dialogue between the victim and attacker, and the attacker might take on a specific persona.
Finance and human resource employees were the most prevalent victims of phishing and pretexting attacks, Verizon says, and the attacks are lucrative when successful, costing organizations six-figure losses. W-2 forms are the most sought-after target because they include salary and other information that can be used to file fraudulent tax returns.
While pretexting has financial motivations 95 percent of the time and doesn’t always involve malware, the report says, the motive for phishing is split between financial and espionage. Phishing also often involves the installation of malware that then siphons data, while pretexting is normally about using social trickery to get someone to send sensitive information.
“Employees should be a business’s first line of defense, rather than the weakest link in the security chain,” Sartin said. “Ongoing training and education programs are essential. It only takes one person to click on a phishing email to expose an entire organization.”
The good news, Verizon says, is that 78 percent of people never click on a phishing attempt. On the flip side, 4 percent click every time. The report notes that’s still an improvement from 11 percent in 2014.