NEWS: Logpoint Acquires Muninn
Source: https://www.tekspace.com.au/blog/cyber-security-stats-2022/
Even with a rise in Denial of Service (DoS), which 46% of total incidents in 2022, we still cannot turn a blind eye on data breaches. In recent years, data breaches have become a prevalent threat in the digital world, affecting businesses and individuals alike. These breaches occur when an unauthorized party gains access to an organization's or individual's sensitive data. Cybercriminals aim to steal as much data as possible, from personally identifiable information (PII), one of the most sought-after types of data for cybercriminals, to financial information, health records, and intellectual property.
The leading types of attacks involved in data breaches are constantly evolving. The top five varieties currently include stolen credentials, ransomware, and phishing. Despite the existence of around 180 distinct action types, the majority of breaches (73%) are attributed to the top ten varieties.
When it comes to analyzing cyberattacks, timing is just one piece of the puzzle. By examining the Event Chain data and tracing the path of an attack, we can gain a more nuanced understanding of the breach. According to Verizon’s data breach report, the majority of successful attacks involve only a few key actions, namely Phishing, Downloader, and Ransomware. However, breaches that utilize five or more actions are a rarity. As defenders, our ultimate goal is to elongate the attack chain. With each additional step, defenders gain the opportunity to intervene, detect, respond, and recover. Attackers know this, and they are less likely to attempt longer attack chains as a result. Therefore, by extending the attack path, we increase our chances of thwarting cyberattacks before they can do any significant damage.
Financial breaches involving servers increased from 50% in 2016 to 90% in 2022. However, the type of attack known as "Server-Web application" has seen a significant rise from 12% to 51% during this period, becoming one of the top three attack patterns. These attacks often involve the use of stolen credentials, which is the main data stolen in this industry, and brute force hacking and credential stuffing are the most common techniques used to obtain such credentials. It is noteworthy that web application attacks and stolen credentials are often intertwined.
System Intrusion has surged from 14% in 2016 to 30% in the previous year. While organized crime was only responsible for 49% of breaches in 2018, it has risen significantly to 79% in recent years. As a result, ransomware attacks have become more prevalent due to their high-profit potential and low risk. It is expected that criminals will continue to use ransomware as an attack vector in the future.
Internal actors, meaning employees getting paid by threat actors to give them access, have always had a primary role in security breaches in the healthcare industry. But the game has changed, and the old guard is losing its grip. Although employees are still causing breaches, they're now more than 2.5 times more likely to make a mistake than to intentionally misuse their access. The most common errors are mis delivery and loss, but since 2019, the industry began seeing the rise of basic web application attacks, which have become a serious problem for everyone, not just in healthcare.
Hackers are increasingly targeting healthcare, launching run-of-the-mill attacks and more impactful ransomware campaigns. With ransomware comes the associated risk of actor disclosure, which is bad news for anyone who wants to keep their data safe.
The statistics show that still more often personal data than medical data is compromised. This raises some important questions. Has the industry failed to secure personal data while tightening controls around medical data? Are actors indiscriminately encrypting records without considering the consequences? Only insiders can answer these questions for certain.
The manufacturing industry, known for its efficient production of vital components for modern living, has become an attractive target for cybercriminals. In addition to espionage, criminals are now targeting manufacturing firms with Denial of Service (DoS) attacks, credential attacks, and ransomware. Primarily targeted for its sensitive schematics and trade secrets, recent trends indicate a shift towards financially motivated attacks.
DoS attacks have become a significant concern for manufacturing companies as they disrupt productivity and impact availability, leading to losses. Although the percentage of incidents related to DoS attacks dropped in 2018, it has been increasing once again, up until the present day.
Manufacturing companies are also vulnerable to common breaches like stolen credentials (39%), Ransomware (24%) and Phishing (11%), which can cause significant damage to the industry. As the manufacturing industry continues to rely on technology and integrate IT with the OT (operational technology) side, safeguarding against cyberattacks has become much more crucial. Cybersecurity is a top priority for this industry and failing to do so could result in a halt in production and massive losses, putting entire companies at risk.
