Verizon is publishing Data Breach Investigations Report (DBIR) for over 10 years. The latest release is DBIR 2017 which was published on April 27th. This year’s report contains 1935 confirmed data breaches and more than 42000 security incidents. Like always, DBIR 2017 provides great insights about how data breaches are happening, who is behind attacks, and what their motives are.
Here is a summary of major 2017 DBIR findings:
- Nobody is Immune – Data breaches are happening everywhere, impacting all sizes of companies, all geographies, and all industry sectors. If anybody still thinks it is someone else’s problem, they should think again.
- Ransomware Attacks are Increasing – Ransomware is the largest malware category in this year’s data breach investigations report. If you are impacted, you should take advantage of nomoreransom.org to combat this.
- Cyber Espionage is on the Rise – Especially in the manufacturing industries and public sector, Cyber Espionage is rising rapidly. The DBIR report shows that more than 90% data breaches in last year were related to espionage in manufacturing.
- Phishing is the Primary Entry Vector – For majority of data breaches, it starts with phishing emails with malicious URLs or infected attachments. Microsoft Office attachment with macros are used frequently.
- Stolen Credentials – Everyone need to do a better job to protect credentials, easy-to-guess passwords, default passwords, and use two-factor authentication for critical assets.
- Insider Threats – Privilege misuse is primary vector in many cases related to insider threats. Better monitoring is needed to defeat bad actors inside organizations.
The PDF version of 2017 DBIR is available at http://www.verizonenterprise.com/verizon-insights-lab/dbir/2017/. It is strongly recommended that all security professionals download this report and use it as a reference.