Ransomware attacks have room to grow, Verizon data breach report shows

/in


Ransomware attacks now make up an huge chunk of all recorded security incidents, the Log4j vulnerability was used in 3 in 4 digital espionage campaigns and employees continue to pose more of a practical cyber threat to most organizations than the Russian GRU or Chinese Ministry of State Security.

Those are some of the conclusions gleaned from the latest annual Verizon Data Breach Investigations Report released this morning.

Verizon’s findings are drawn from 16,000 security incidents over the past year, including over 5,000 data breaches from Nov. 1, 2021 to Oct. 31, 2022.

A plurality of 15,000-plus incidents (42%) were distributed-denial-of-service (DDoS) attacks, which can disrupt service from or access to websites and other systems.

There are solid indicators that DDoS attacks are getting worse, or at least more intense, as the internet of things (IoT) give attackers billions of zombie devices to hijack and incorporate into botnets. Over the past two years, companies like Cloudflare and Yandex have observed increasingly larger and record-breaking  DDoS attacks, while the U.S. Department of Justice recently highlighted its interest in the problem when it targeted and seized 13 domains used in various “DDoS for hire” operations earlier this year.

Ransomware holding steady

A number of threat intelligence and cybersecurity firms have said their internal data, gleaned from customers and incident responses, indicate that ransomware activity dropped off in 2022, before jumping back up in the first half of 2023. Verizon’s data shows a similar trend, with reported ransomware incidents plateauing over the past 24 months at 24%, after years of steady growth.

After steady growth since 2019, reported ransomware activity has plateaued over the past two years.(Source: Verizon Data Breach Investigations Report 2023)
After steady growth since 2019, reported ransomware activity has plateaued over the past two years.(Source: Verizon Data Breach Investigations Report 2023)

However, if someone does break into your system, the most likely cause will be ransomware. Encryption and extortion overall have risen to 15.5% of all reported cybersecurity incidents, the second most frequently reported action after DDoS. It’s also the No. 1 most-frequent action taken by hackers during incidents system intrusion incidents.

These results are “staggering,” and…

Source…