Highlights from Verizon's DBIR Report 2022
As digital transformation plays an active role in many fields of the business world, cybersecurity has become extremely critical for maintaining the business model and flow of organizations. Organizations need to build advanced cybersecurity policies for preventing data breach incidents and even analyze the general trend in all sectors with regards to data security in order to eliminate possible cyber attack threats before any breach occurs.
Cybersecurity reports and analyses prepared by various independent organizations must be regularly followed so as to predict such threats and take necessary measures. Verizon's DBIR (Data Breach Investigations Report) 2022, which has been published recently, stands out among these reports and regularly compiles the measures to be taken by companies and government agencies in the face of cyber threats.
This report published by Verizon annually since 2008 provides organizations within the international cybersecurity network with significant insight into the current and potential threat environment. The report thoroughly addresses current issues related to cybersecurity and describes what has changed and what has remained unchanged over the years.
In this article, we will compile the highlights from Verizon's DBIR 2022 with a view to guiding our readers who want to build cybersecurity for their organization with the right policies.
Remarkable Share of Ransomware Attacks
The report prepared by Verizon clearly states that ransomware attacks showed a huge increase with almost 13%, a rise as big as the last five years combined (for a total of 25% for this year). The report underlines that 70% of software-based data breach cases involve ransomware attacks. Frequently preferred by hacker groups for getting unauthorized access to company networks and cyber infrastructure, this attack method stands out as one of the ways favored by cyber attackers in supply chain attack cases. Indeed, Verizon's DBIR 2022 points out that supply chain attacks account for 62% of system intrusion incidents.
With respect to ransomware attacks, it should also be noted that 40% of all data breach cases caused by this type of attack involve the use of desktop sharing software. Driven by the transformation of the business world with the adoption of remote work model due to COVID-19, this situation leads us to some other interesting data. According to the report, 14% of unauthorized access incidents involve the usage of desktop sharing applications.
Internal Threats and Their Role in Identity Theft Cases
To build an advanced cybersecurity infrastructure, you should grant only as much privilege and access as necessary to privileged accounts, which may later become internal threats, and you should control the access permissions you grant and the movements in the system on a 24/7 basis. The report states that privilege misuse, which is defined as employees' misuse of legitimate access granted to them, is 2.5 times more likely to occur as a result of an error than as a result of misuse.
In the case of a data breach caused by internal threats with improper intentions, however, the personal data of employees, customers, and stakeholders is likely to be leaked. According to the report, malicious internal threats appeared mostly in the healthcare industry with the cases of data breaches in 2022, just like in previous years. Medical data is targeted in 22% of data breaches caused by health sector employees’ misuse of their privileges.
Prevention of Human Errors
Human error is responsible for 13% of data breaches. Still a dominant trend, human errors are largely due to misconfigured cloud storage systems. It is extremely important to get support from artificial intelligence and automation to prevent human errors. However, it is equally important to provide employees with the right training on the use of cybersecurity and information technologies. It is predicted that human errors may be decreased if the awareness of employees is raised and the access to cloud systems is controlled by the cooperation of artificial intelligence and automation.
Another remarkable topic in the report is the human element. According to Verizon's DBIR 2022, 82% of the data security breach cases of this year involved the human element. Unfortunately, the negative contribution of the human element continues to significantly stand out in incidents such as phishing and misuse of stolen credentials.
Phishing Attacks and Usage of Mobile Devices
According to the Data Breach Investigations Report 2022 prepared by Verizon, the usage of mobile devices is the main factor behind the emergence of phishing attacks. The report states that at least 58% of mobile devices had at least one malicious URL clicked. Defined as a phishing attack, this method has become more popular among cyber attackers in the last few years, during which people have become accustomed more and more to paying without a card or contactless by card. It should also be noted that at least one malicious or risky application is installed in 16% of phishing attempts, mostly by e-mailing links or via QR code. Besides, considering that one-fifth of phishing attacks are carried out through mobile devices, you should definitely pay serious attention to this topic when building or improving your cybersecurity infrastructure.
Share of Supply Chain in a Chain of Breach Incidents
We have mentioned above that cyber attacks targeting the supply chain account for 62% of system intrusion incidents. Verizon's DBIR report 2022 identifies the misuse of stolen credentials in supply chain breaches, expressed as a sequence of one or more breaches chained together, as the most significant type of cyber activity.
Moreover, according to Verizon's DBIR 2022, more than 75% of supply chain attacks involve only three steps. Defined as phishing, ransomware, and downloader, these three steps are the most common attacks on the supply chain. In the report, experts suggest that it is important for defense mechanisms to lengthen the attack path favored by the cyber-attackers and increase the number of steps. Cybersecurity experts state that lengthening the attack path will make it easier to take measures, and point out that IT infrastructures should be structured accordingly.
High Risk in Web Applications
Web applications are among the major attack surfaces. Frequently used by external threats to organize cyber attacks, web applications are defined as the number one attack vector in the report. Furthermore, the same report suggests that 80% of cyber attacks carried out through web applications result in identity theft.
Use PAM to Protect Your IT Infrastructure
Privileged Access Management (PAM) solutions are extremely successful in minimizing the cyber risks listed in Verizon's DBIR 2022. Privileged Access Management provides end-to-end data and access security thanks to its unique modules and successfully stores all data in your IT infrastructure, especially the credentials of privileged accounts. Offering a fully encrypted infrastructure with the Dynamic Password Controller module, PAM uses Two-Factor Authentication (2FA) to request simultaneous location and time verification from users who request access. Both modules make your IT infrastructure secure against data breaches that may occur through privileged access credentials.
Database Access Manager and Dynamic Data Masking records all actions of database administrators and masks the original data in dynamic way. This makes all actions on the network controllable ve safe on a 24/7 basis. Furthermore, the Privileged Session Manager allows you to better control user and data entries in different sessions. Privileged Task Automation (PTA) also automates routine tasks on the network to improve employee productivity and prevents possible service disruptions.
Our PAM suite Single Connect which was included in the Gartner Magic Quadrant provides the best protection against cyber risks listed in Verizon's DBIR 2022. Please do not hesitate to contact our team and to learn more about Single Connect.
