2018 Verizon Data Breach Investigations Report: 5 Pressing Security Trends Partners Need On Their Radar

Cybersecurity For The Win

Verizon has released its 2018 Data Breach investigation report (DBIR), and this year's findings revealed that ransomware took the cake as the most prevalent type of cybersecurity incidents with a whopping 39 percent of respondents reporting these particularly vicious, malware-related breaches.

The report, which studied 53,000 security incidents including 2,300 confirmed data breaches across 65 countries for this year's report, investigates malware, Distributed Denial of Service (DDoS) attacks, and social attacks such as cybercrime.

Here are five security trends that emerged from the 2018 report that solution providers need to know about to better protect their clients in the year to come.

Ransomware Overwhelmingly A Problem

Verizon was correct in its assumption in its 2013 DBIR report that said Ransomware could "blossom as an effective tool of choice for online criminals," because these types of attacks have far and away overtaken all other forms of cyberattack as the most prevalent variety in 2018's dataset.

2018 was a rough year for companies facing ransomware attacks, as this form of malicious malware features hackers making money by holding critical business systems hostage. Verizon’s report found that ransomware attacks have doubled over the past year, accounting for 56 percent of malware-specific incidents in 2018.

’What is interesting to us is that businesses are still not investing in appropriate security strategies to combat ransomware, meaning they end up with no option but to pay the ransom – the cybercriminal is the only winner here," said Bryan Sartin, executive director of security professional services at Verizon, in a statement.

Social Attacks Still An Issue

The two main types of social attacks that Verizon focused on in its report were centered on phishing, which represented 1,192 incidents and 236 confirmed data breaches within the carrier's dataset, and pretexting, accounting for 170 incidents and 114 confirmed attacks. Phishing typically involves an actor creating a message to a user -- typically sent via email (96 percent of the time, according to Verizon) -- that encourages a user to click through to a malicious attachment or malware. Pretexting, on the other hand, is the creation of a false narrative to acquire information or influence behavior, rather than dropping malware.

While Verizon found that phishing and pretexting represent 98 percent of social incidents and 93 percent of breaches, the report highlighted one silver lining: 78% of people don’t click on a single phishing attack all year.

Botnets Strike Again

The last two years have seen a large uptick in the number of botnet-related infections, according to Verizon. Its report found that over 43,000 breaches that involved the use of stolen customer credentials were from botnet-infected clients.

The problem is a global issue, impacting users all over the world, Verizon said. Botnets can work their way into a system by users accidently downloading the bot, which will then steal credentials needed to log into a system. Botnets can also impact an organization by targeting and compromising specific users. The first type of botnet attack is more common, however, and botnets primarily were found to target banking organizations by a worrisome 91 percent, scarily enough, often through IT and professional services organizations.

Cyber-Espionage Can't Be Ignored

In today's day and age, cyber-espionage, although not the leading variety of security attacks, can't be overlooked. Verizon's report found that 12 percent of breaches involved actors identified as nation-state or state-affiliated in 2018. In general, 73 percent of actors perpetrating security hacks were found to be external to a company.

Motives for security breaches, according to Verizon, are either financial gain or strategic advantage, A.K.A. espionage, with just under 90 percent of all breaches stemming from these two motives. However, financial gain is still the more popular motive of the two. Most cyber-espionage attacks are carried out via phishing campaigns leading to the installation of malware.

Don't Forget About DDoS

Verizon said that DDoS attacks and incident data has been plentiful over the last several years when the company has conducted its research report. This year, Verizon added 21,409 DDoS incidents to its dataset this year, but acknowledged that the incident count itself isn't critical because it's difficult to identify distinct and separate attacks as opposed to one hacker that may be starting and stopping and restarting.

The prevalence of DDoS incidents and attacks, nevertheless, remains high. Most DDoS attacks only last minutes, however, and the attack strength of these types of attacks has been declining. Still Verizon suggests ensuring that a customer is armed with DDoS mitigation services.