Health Care, Ransomware Face Extra Scrutiny in Annual Verizon Data Breach Report


Data Breach

… careless or belligerent employees are the most common threat actors.

Source: Verizon DBIR

Source: Verizon DBIR

“While it’s true that an insider – a rogue employee for instance – can do a lot of damage if they decide to go the dark side as it were, it’s much less likely to happen than you are to be targeted by an external attacker,” Hylender said.

The Human Factor

Social attacks where criminals prey on human gullibility accounted for 1,450 incidents and 381 disclosures of data.

Phishing and financial pretext continue to be popular modes of attack. Cybercriminals looking for employee wage and tax details have scammed human-resources departments in multiple industries. Education, public agencies and health care were hardest hit with these social breaches.

“An attacker calls up, pretends to be an executive – usually a CFO type – and says, ‘Hey, I’ll need the tax-related data for all the employees in this sector here,'” Hylender said.

The bad guys often conduct their deception using a spoof email address – perhaps adding or subtracting a single letter from the expected address – but occasionally criminals use a hacked email address. Hylender says it’s common for the threat actor to delve into the hacked email archive in order to learn and mimic the writing style of the executive.

One of the main targets is a W-2 tax form that allows the thief to file taxes and receive a refund. Verizon found that this type of “financial pretexting” rose from 70 incidents in year 2016 to 170 in 2017.

“The scams are very very honed to get a particular thing, in this case tax-related documents to score cash from,” Hylender said. “Those have been extremely lucrative for attackers.”

The Scourge of DDoS

Verizon countered the claim that DDoS (distributed denial of service) is often a distraction for another type of attack.

“We don’t see a lot of that, contrary to what we’ve been reading in the headlines. We’re not saying that doesn’t happen, but we don’t see it much in our data set. It’s DoS for DoS’ sake,” Hylender said.

The report concluded that only one breach contained an instance of DoS, but the breach actually helped launch a DDoS, according to Verizon.

“In fact, we’ve never had a year with more than single-digit breaches in the denial-of-service pattern,” the DBIR wrote. “Like the aliens, they may be out there, but we aren’t seeing them.”

The lengthy report is available of Verizon’s website. The 2017 DBIR showed that SMB victims and espionage motives are rising factors in data breaches. We compiled a list of 12 common data breach scenarios and their causes.

Pages: Previous 1 2

Leave a comment

Your email address will not be published. Required fields are marked *

The ID is: 98860