No one thinks it's going to be them. Until it is. And that's exactly what cybercriminals are banking on.

Society is so infused with technology that our digital footprint is practically glowing. But if we're not careful to cover our tracks, our footprint can be used against us — individuals and companies alike.

Cyberespionage is now the most common type of attack across a variety of industries and organized criminal groups escalated their use ransomware to extort their victims, according to the Verizon 2017 Data Breach Investigations Report (DBIR).

While no individual or company is immune, Verizon's report offers insights on how to keep your data safe going forward.

Continue reading…  Hacking

Verizon's DBIR noted a surge in ransomware attacks, as well as an increase in cyberespionage among a variety of industries. (Photo: Shutterstock

|

The results are in

Nearly 2,000 breaches from 84 countries were analyzed in this year's report.

More than 300 were espionage-related, many of which started as phishing emails. Cyberespionage is now the most common type of attack seen in manufacturing, the public sector and education. 

In addition, the DBIR noted a 50 percent increased in ransomware attacks compared to last year. Many organizations rely on out-of-date security measures and aren't investing in security precautions, despite an abundance of affordable options

"There are vastly more small-businesses in the U.S. than large-businesses," said Gabriel Bassett, senior information security data scientist. "Small-businesses are not immune." 

Whether its medical records or payment card details, someone, somewhere will see it as an opportunity. 

"Often, even a basic defense will deter cyber criminals who will move on to look for an easier target," Bryan Sartin, executive director, Global Security Services, Verizon Enterprise Solutions, said in a statement. 

Continue reading…

phishing with hook and envelope

Phishing remains a go-to strategy among attacks relating to financials and cyberespionage. (Photo: Shutterstock)

|

Old techniques still work

The first instance of phishing was recorded sometime in 1995. After more than two decades, people are still falling for it. 

Verizon's DBIR found that 1 in 14 users were tricked into following a link or opening an attachment — and a quarter of those went on to be duped more than once. 95 percent of attacks that led to a breach were followed by some sort of software installation. The method is popular among both cyberespionage and financially motivated attacks. 

Bassett recommends that companies hire a vendor who will send test phishing email to their employees. There are specific hotspots of people and departments who are more prone to attack, often because their job entails opening emails from outside sources. Using that data will allow them to analyze susceptible employees and train them

"Accept that someone is gonna click," said Bassett. 

Continue reading…  Hacker looting company money

Cybercriminals are using pretexting to loot company money, often through emails targeting employees with access to its financial reserves. (Photo: Shutterstock) 

|

New techniques on the rise

Cybercriminals will search endlessly for ways to dupe an unsuspecting target. They're finding success in pretexting, which, simply put, is when someone pretends to be someone else.

Hackers are looking to engage in business email compromise. Often, someone sends an email where "the CEO" orders wire transfers with an urgent and believable back story. 

The DBIR urges companies to remind employees — particularly in finance — that no one will request a payment via unauthorized processes. IT can also assist by marking external emails with an unmistakable stamp. A lack of communication can lead to catastrophic results.

"Never use a single channel for communication for any monetary decision over a certain amount," said Bassett. 

Want to continue reading?
Become a Free PropertyCasualty360 Digital Reader

Your access to unlimited PropertyCasualty360 content isn’t changing.
Once you are an ALM digital member, you’ll receive:

  • Breaking insurance news and analysis, on-site and via our newsletters and custom alerts
  • Weekly Insurance Speak podcast featuring exclusive interviews with industry leaders
  • Educational webcasts, white papers, and ebooks from industry thought leaders
  • Critical converage of the employee benefits and financial advisory markets on our other ALM sites, BenefitsPRO and ThinkAdvisor
NOT FOR REPRINT

© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.

Denny Jacob

Denny Jacob is an associate editor for NU PropertyCasualty360. Contact him at [email protected].