What Did We Learn from Verizon’s Newest Data Breach Investigations Report?

Trying to prevent data breaches and malware infections is one of the major concerns of any business. A technology infrastructure is only as safe as the weakest link when it comes to IT security.

Each year, Verizon studies thousands of data breach incidents to provide insight into the main threats that companies need to prepare for. The company’s 2020 Data Breach Investigations Report (DBIR) has come out and it’s full of valuable intel.

We use this information, along with other key sources and our own experience, to inform cybersecurity strategies for North Carolina businesses and keep them safe against today’s most prevalent dangers.

Suffering a data breach can be devastating to a small or mid-sized business, even more so than a larger enterprise firm. On average, small companies are hit over 10x harder when it comes to data breach costs per employee.

Smaller companies have an average cost of $3,533 per employee when suffering a data breach.

Below, we’ll break down some of the key findings of Verizon’s 2020 DBIR and what they mean for your IT security strategy.

Key Takeaways from 2020’s Report on Data Breaches

Just like everything else in the technology realm, security risk is always evolving. A safeguard that you put in place three years ago might be insufficient to protect you from today’s evolved attacks.

Keeping abreast of the latest tactics taken by hackers keeps you informed and gives you the opportunity to fortify your defenses to prevent a breach. Verizon’s report studied 3,950 data breaches and 157,525 cybersecurity incidents across 16 industries.

Here are several insights we found in this important data breach report.

Web Applications are a Growing Threat

With companies using more web-based cloud applications for their processes, does this mean they’re safer from a security incident? Not really.

The report noted that 43% of data breaches involved web applications. It seems hackers are following the data and coming up with new ways to gain access, whether it’s on a hard drive or on a cloud platform.

Ways to keep web applications more secure include:

  • Using multi-factor authentication to secure user accounts
  • Using a Cloud Access Security Broker (CASB) to review cloud app risk

Phishing Remains a #1 Threat

Phishing has been around pretty much since the dawn of email, but it continues to deliver results for cyber criminals because users can be fooled. Phishing emails are increasingly sophisticated, often using email spoofing and stealing logos of well-known brands.

The DBIR showed that phishing was the top threat action used in all data breaches studied last year. It’s used in conjunction with multiple types of ploys, including fake forms designed to steal credentials and drive-by malware sites.

To help protect against phishing attacks:

  • Conduct regular employee cybersecurity awareness training
  • Use email authentication to help detect email spoofing
  • Use anti-phishing/anti-spam software

Credential Theft is the #2 Data Breach Threat

Coming up close behind phishing when it comes to tactics used in data breaches is credential theft. 

Microsoft sees over 300 million fraudulent sign-in attempts on its cloud services daily.

Hackers can get their hands on credentials in a few different ways. It can be due to a large breach of a customer database, with logins being sold on the Dark Web. Another way is through a phishing attack that spoofs a sign-in form for a web application. It can also happen as the result of weak passwords being used.

Ways to help prevent credential hacking include:

  • Using multi-factor authentication for logins
  • Using a credential security app, like Microsoft Cloud App Security
  • Using a password manager to ensure all passwords are strong and unique

Your Databases are Under Attack!

It might surprise you to know that the main type of malware used in data breaches last year wasn’t ransomware (that was #3); it was a password dumper.

Password dumpers are a type of malware used to steal databases containing usernames and passwords. The malware typically makes its way in just like other threats, through phishing emails with links to malicious websites. It’s designed to access password information and “dump” the database contents back to the perpetrator. 

Protection against password dumping involves:

  • Employing anti-phishing best practices
  • Ensuring that databases on hard drives or web applications are properly protected

On-Premises Assets Are Breached the Most

While hackers are increasingly going after cloud resources, it seems those resources tend to be better protected than on-premises technology.

On-premises IT accounted for 70% of all data breaches in 2019, while 24% of them involved cloud assets. 

This illustrates that cloud service providers seem to be doing a fairly good job of protecting their platforms, although they’re not completely invincible. Companies with on-premises servers and endpoints need to address their breach security to keep from suffering security incidents.

Key methods to safeguard your on-premises technology infrastructure include:

  • Using managed IT services that include managed updates/patches
  • Ensuring you have a next-gen firewall with proper security configurations
  • Putting remote access security strategies in place

Is Your Data Security Strategy Sufficient?

RCOR’s team of cybersecurity experts can help your company ensure your IT security strategy is updated to protect against the latest threats. Don’t leave yourself open to a breach!

Contact us today to schedule an IT security consultation. Call 919-263-5570 or contact us online.