Connect with us

Hi, what are you looking for?

Cyber Security

DBIR 2022: Ransomware surge increases global data breach woes

Ransomware attacks were up 13% in the last 12 months, representing a greater increase than the last five years combined, according to the latest edition of Verizon’s Data Breach Investigations Report (DBIR).

Published today (May 24) the 2022 edition of DBIR involved an analysis of nearly 24,000 security incidents, of which 5,212 were confirmed data breaches.

Ransomware attacks continue to grow their cybercrime market share because they offer an effective means for assailants to exploit and monetize illegal access to private information, according to Verizon’s study.

Sobering stats

Approximately four in five of the breaches covered by the report are attributed to organized crime. Meanwhile, heightened geopolitical tensions such as the war in Ukraine are driving nation-state affiliated cyber-attacks.

Looking into a different metric, the Verizon study found that more than 60% of system intrusion incidents came through an organization’s partner – a so-called ‘third-party data breach’.

“Compromising the right partner is a force multiplier for cybercriminals, and highlights the difficulties that many organizations face in securing their supply chain,” according to the authors of the report.

Exploiting frailties in people’s cybersecurity awareness remains a key vector of successful cyber-attacks. A quarter of total breaches in the 2022 report were the result of social engineering attacks, such as phishing.

“When you add human errors and misuse of privilege, the human element accounts for 82% of analyzed breaches over the past year,” Verizon concluded.

Running the numbers

Now on its 15th edition, the 2022 DBIR involved the analysis of data from 87 contributors, both US-based and international, ranging from law enforcement agencies to forensic and law firms to CERTs and government agencies.

In response to the growing scourge of ransomware, and in particular incidents like the Colonial Pipeline attack that affected the real economy, the US is developing several multi-agency initiatives.

The Cybersecurity and Infrastructure Security Agency (CISA) plans to convene a Joint Ransomware Task Force, while the Department of Justice announced it is launching two international initiatives aimed at tracking illegal cryptocurrency transfers and disrupting ‘top tier’ cyber threat actors.

Switching tactics

During a plenary session at the recent CyberUK conference, senior NSA advisor Rob Joyce said that banking sanctions imposed in the wake of Russia’s invasion of Ukraine have stymied the ability of Russian-based cybercriminals to buy or rent internet infrastructure, as well as to cash out the proceeds of ransomware scams.

Other experts have disputed, or at least declined to confirm, this point. Recent ransomware-focused indictments have focused on Russia, Ukraine, and Moldova. Some experts suspect the war led many perpetrators of ransomware scams in this region to temporarily suspend operations and relocate rather than shut-up shop.

Ransomware groups – hit by law enforcement actions and difficulties in paying initial access brokers, crypters, and bulletproof hosting providers – might well switch from ‘big game hunting’ to smaller targets, a UK National Crime Agency representative told the conference during a panel session on ransomware.

A BAE Systems representative added that attackers are still using the same methods to infect systems – network vulnerabilities (open RDP ports) and phishing – but have switched from Bitcoin to Monero for payment because the latter cryptocurrency is harder to trace.

Advertisement. Scroll to continue reading.

Source: https://portswigger.net/daily-swig/dbir-2022-ransomware-surge-increases-global-data-breach-woes

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

Cyber Security

Telegram Messenger offers global, cloud-based instant messaging with several features:- Cybersecurity researchers at Securlist recently found several Telegram mods on Google Play in various...

Cyber Security

The cyberattack that ultimately led to the breach of several U.S. officials’ email accounts was the result of a China-based threat actor accessing a...

Cyber Security

AttackCrypt, an open-source “crypter,” was recently used by cybercriminals to hide malware binaries and avoid antivirus detection. A crypter is a kind of software that can...

Cyber Security

We are glad to present the most recent news on cybersecurity in this week’s Threat and Vulnerability Roundup from Cyber Writes.  The latest attack...

Copyright © 2023 Newsworthy News | Global | Political | Local | All News | Website By: Top Search SEO