CLEVELAND, OH – Vestige Digital Investigations is named an official Contributor to the Verizon 2021 Data Breach Investigations Report (DBIR). This marks the 14th year that Verizon has published this report.
“As cybersecurity experts, Vestige Digital Investigations is pleased once again to be an official CONTRIBUTOR to the Verizon DBIR for the sixth year. We provided data on the matters we encountered in 2020 to continue to arm Verizon and cyber professionals around the globe with this data-driven resource report. The DBIR is designed to help cyber professionals use the information to take actionable real-world preventive steps to protect themselves and their organization from cyber incidents and data breach,” said Greg Kelley, BS, EnCE, DFCP, and Chief Technology Officer at Vestige Digital Investigations.
The 2021 edition of Verizon’s Data Breach Investigations Report (DBIR) highlighted the rise of ransomware and the importance of security monitoring, among other key cybersecurity trends.
Understand what you’re up against with cybersecurity insights powered by new threat patterns and analysis of 5,258 breaches:
Ransomware On The Rise
Verizon reported another increase in ransomware cases, which has been trending upward since 2016. Ransomware now accounts for 5% of total incidents that Verizon reported, and 10% all of breaches.
“This is because actors have adopted the new tactic of stealing the data and publishing it instead of just encrypting it,” the report reads.
The financial motivation of organized crime continues to be the biggest threat actor category for organizations. Vestige has similarly identified this pattern across organizations it protects — not only in ransomware attack attempts but also cryptominer works and other threats that are focused on generating revenue for attackers.
While Solarwinds and supply chain attacks are leading news headlines, they aren’t what is likely to impact organizations. As the world grows in turmoil and inequality escalates with it, so does the ability to take money from victims.
While the majority of organizations in the report had no vulnerabilities, random sampling shows older vulnerabilities continue to be a thorn in the side of organizations.
Understanding your attack surface by identifying what you’re exposing, how it’s being interacted with, and building a strategic plan to reduce these is paramount. As organized crime grows its reach deeper into ransomware (10% increase YoY), these vulnerabilities act as continued target vectors for groups to build their wealth further. Of course, patching vulnerabilities if they impact your environment is the highest priority, but it’s also important to have a strategic plan that focuses on reducing risk and impact.
Vestige offers Virtual Chief Information Security Officer (vCISO) services that are both a flexible and affordable alternative for organizations who need access to high level information security strategy, but are unable for find or afford to hire a full-time CISO.
Attack Stage Frequency Throughout a Breach
The Verizon report also highlighted the frequency of attack stages during the beginning, middle and end of a breach. Hacking and errors were the most common actions at the beginning of a breach, then malware and hacking became more common later on in the attack once the actor gained an initial foothold.
This further illustrates the need to have detections with robust recommendations for data gathering that do not necessarily depend on a specific technology to exist.
IT and security teams are more likely to be successful at stopping the attack when they identify the patterns that are associated with hacking and malware at each stage, rather than depending on a specific AV provider to have a complex AI process to identify a new weaponized file.
A threat detection and response solution like Vestige’s will detect and alert you about early patterns associated with malicious behavior like hacking and malware.
Incorporating Security Training Into Company Culture is Key
The DBIR showed that the larger the organization, the greater chance that it will be impacted by large scale phishing or broad social engineering attacks.
The report also showed that the majority of social engineering incidents were discovered externally.
“This means that when employees are falling for the bait, they don’t realize they’ve been hooked. Either that, or they don’t have an easy way to raise a red flag and let someone know they might have become a victim,” the report reads.
This highlights the importance of security awareness training. It’s also important to ensure that there is no culture of blame and that users are reinforced with explanations of what to do next time. Ask about Vestige’s CyberSecurity Awareness Training services to address this exact issue. Until users can recognize and learn to spot the tactice that attackers are using — companies are at risk of a cyber compromise or breach.
Business Email Compromise (BEC) was the second most common form of social attacks, according to Verizon, and it is continuing to increase. The median loss associated with BECs was $30,000, with 95% of BECs costing between $250 and $984,855.
However if you’re quick, you can generally freeze and recover most losses for BEC, something Vestige has also observed. Recovery of BEC rates — in addition to organizations not reporting losses from ransomware — shows that organizations may be pulling back on ransomware payments, are able to recover more readily, and are combating organized crime more as it grows in prevalence.
How Vestige Can Help
Vestige offers proactive services including: BreachReady™ and Hunt Team that are designed to stop incidents and data breaches before they occur and alerts your team about suspicious behavior that leads to security incidents, like malware and ransomware — and provides recommendations for next steps. CONTACT VESTIGE TODAY for a FREE consultation.
Vestige Digital Investigations, is a leading U.S. Electronic Evidence Experts company specializing in CyberSecurity and Digital Forensic solutions – both proactive and reactive. Vestige provides Expert proactive and reactive CyberSecurity Services to organizations of all sizes. They also provide timely and trusted investigations of any digital devices to resolve disputes and litigate claims. We serve small, mid-size and large Fortune 500 corporations both nationally and internationally helping professionals in the administrative, finance, fraud examination, HR, IT, insurance, law enforcement, legal and risk management fields make educated and informed decisions about access and preservation of digital information and its security. As experts, we offer a comprehensive knowledge of both the technical and legal aspects of digital forensics and cybersecurity. We are respected for confidential, objective, and knowledgeable investigations and reporting. Vestige Digital Investigations is headquartered in Cleveland, OH, with offices in Columbus, OH, Pittsburgh, PA and New York, NY. www.VestigeLtd.com
verizon.com/dbir #DBIR #cybersecurity