Cybercrime thrives during pandemic

John E. Kaye
- Published
- Home, Technology, Uncategorized

Increase in phishing and ransomware attacks – along with continued high numbers of Web Application Attacks – underscore a year of unprecedented security challenges
The Verizon Business 2021 Data Breach Investigations Report (2021 DBIR) examines more breaches than ever before, and sheds light on how the most common forms of cyber-attacks affected the international security landscape during the global pandemic. This year’s report saw 5,258 breaches from 83 contributors across the globe, a third more breaches analysed than last year.
With an unprecedented number of people working remotely, phishing and ransomware attacks increased by 11 percent and 6 percent respectively, with instances of Misrepresentation increasing by 15 times compared to last year. Additionally, breach data showed that 61 percent of breaches involved credential data (95 percent of organisations suffering credential stuffing attacks had between 637 and 3.3 billion malicious login attempts through the year).
The report also highlighted the challenges facing businesses as they move more of their business functions to the cloud – with attacks on web applications representing 39% of all breaches.
“The COVID-19 pandemic has had a profound impact on many of the security challenges organisations are currently facing,” said Tami Erwin, CEO, Verizon Business. “As the number of companies switching business-critical functions to the cloud increases, the potential threat to their operations may become more pronounced, as malicious actors look to exploit human vulnerabilities and leverage an increased dependency on digital infrastructures”.
This year, the Incident Classification Patterns the DBIR report team uses to classify security threats have also been improved and refreshed. The updated report patterns explain 95.8 percent of analysed breaches and 99.7 percent of analysed incidents over all time, and should provide customers with a better understanding of the threats that exist, and how their organisations can best avoid them.
Industries under the spotlight
The 2021 DBIR includes detailed analysis of 12 industries, and shows that, while security remains a challenge across the board, there are significant differences across verticals. For example, in Financial and Insurance industries, 83 percent of data compromised in breaches was personal data, whilst in Professional, Scientific and Technical services only 49 percent was personal. Further highlights include:
– Financial and Insurance – Misdelivery represented 55 percent of Financial sector errors. The Financial sector frequently faces credential and Ransomware attacks from External actors.
– Healthcare – Basic human error continues to beset this industry as it has for the past several years. The most common Error continues to be Misdelivery (36 percent), whether electronic or of paper documents.
– Public Administration – By far the biggest threat in this industry is the social engineer. Actors who can craft a credible phishing email are absconding with Credentials data at an alarming rate in this sector.
– Retail Trade – The Retail industry continues to be a target for Financially motivated criminals looking to cash in on the combination of Payment cards and Personal information this sector is known for. Social tactics include Pretexting and Phishing, with the former commonly resulting in fraudulent money transfers.
Regional trends
The 83 contributors involved with the 2021 DBIR have provided the report with specific insights into regional cyber-trends highlighting key similarities and differences between them.
– Asia Pacific (APAC) – Many of breaches that took place in APAC were caused by Financially motivated attackers Phishing employees for creds, and then using those stolen creds to gain access to mail accounts and web application servers.
– Europe, Middle East and Africa (EMEA) – EMEA continues to be beset by Basic Web Application Attacks, System Intrusion, and Social Engineering.
– Northern America (NA) – NA is often the target of Financially motivated actors searching for money or easily monetisable data. Social Engineering, Hacking and Malware continue to be the favoured tools utilised by actors in this region.
Alex Pinto, Lead Author of the DBIR, comments, “When you read the contents of the report, it is tempting to think that a vast array of threats demands a sweeping and revolutionary solution. However, the reality is far more straightforward. The truth is that, whilst organisations should prepare to deal with exceptional circumstances, the foundation of their defences should be built on strong fundamentals – addressing and mitigating the threats most pertinent to them.”
Further information
RECENT ARTICLES
-
New IBM–NASA AI aims to forecast solar flares before they knock out satellites or endanger astronauts
-
AI is powering the most convincing scams you've ever seen
-
British firm Skyral to help Mongolia tackle pollution with AI traffic modelling
-
The nuclear medicine breakthrough transforming cancer care
-
Second to none: the watchmaker who redefined time for women
-
How AI agents are supercharging cybercrime
-
The CEO making culture the driving force for innovation
-
Penelope J. Corfield on the secret gestures that shape society
-
In Africa, hepatitis B is a silent killer. And a $1 test could stop it
-
'Our real rivals are TikTok and Netflix’ – iGaming firm Soft2Bet sets out strategy for global expansion
-
AI agents are just the start. Here’s what comes next
-
Why cybersecurity deserves a place in the political spotlight
-
Outpacing cyber threats, winning the race
-
Who is really cutting emissions? These satellites will tell us
-
New Science Matters supplement out now — Europe’s boldest ideas in one place
-
New app reveals hidden health risks in everyday foods
-
Alzheimer’s vaccine enters human trials aiming to stop disease before symptoms begin
-
US researchers develop storm-resistant drone to improve extreme weather forecasting
-
Robot folds 800 napkins in 24 hours as Dyna Robotics launches first commercial-ready embodied AI
-
New breast cancer radiotherapy technology launches in Europe
-
Blockchain boom could create over 1 million jobs by 2030, new report claims
-
Why modern computer games aren’t a patch on the classics
-
Watch: Robotic bellboys checking in to a hotel near you soon
-
Soft2Bet reflects on eight years of leadership and philanthropy in new film featuring CEO Uri Poliavich
-
Late Star Trek creator’s family donates $1M to heart disease research