Last week, Verizon released the latest edition of the Data Breach Investigations Report (Verizon DBIR). The report offers critical insights for business leaders in the ever-changing world of cybersecurity. Some items within the report should come as no surprise: ransomware is still a considerable concern, and phishing continues to be a highly successful attack vector. However, some new insights shed light on areas of growing concern. The 2024 report highlights four areas to focus on:
- Credential theft has been involved in 33% of breaches over the last decade
- Pretexting, such as Business Email Compromise (BEC), continues to be on the rise
- Third-party risks are a growing concern
- Vulnerability exploitation is a rapidly evolving target
Credential Theft
The use of stolen credentials continues to be the most prominent attack vector for malicious actors. The use of weak credentials and the re-use of credentials for multiple sites places your organization at risk. Developing strong password policies and enabling multi-factor authentication for all logins can help reduce this risk.
Pretexting
You are likely familiar with phishing, a form of social engineering where attackers deceive people into revealing sensitive information or installing malware via email or other messaging means. Pretexting is a targeted attack where the attacker attempts to fool the victim into believing the attacker is someone they aren’t, typically a fellow employee, executive, or trusted third party, to gain or manipulate sensitive information or convince the victim to perform malicious actions.
The DBIR states that pretexting accounts for 25% of financially motivated attacks. From 2022 to 2024, the median transaction amount of a BEC event was $50,000.
Security awareness and training programs are an organization’s best investment to decrease the chance of a successful phishing or pretexting event. Additionally, consider reviewing your controls to ensure that changes to a vendor or customer’s payment information require the approval of two or more employees to reduce the chance of a successful attack.
Third-Party Risk Concerns
Supply chain involvement in cybersecurity breaches increased in 2023 from 9% to 15%. This metric represents any attack that took place because a business partner was the vector, or the third party’s application contained an exploitable vulnerability. Strong supply chain practices are becoming more and more of a must-have every year. Performing due diligence at the start of a relationship and annually thereafter can help ensure that all business partners meet your expectations and reduce your organization’s risk of a successful supply chain attack.
Vulnerability Exploitation
One of the most concerning trends highlighted in the report is the 180% increase in vulnerability exploitation, driven largely by the use of zero-day exploits for ransomware and extortion attacks. This underscores the critical importance of proactive vulnerability management. On average, it takes organizations 55 days to remediate 50% of critical vulnerabilities identified in a vulnerability scan. To put this in perspective, nearly one-third of the scanning performed for the Log4j vulnerability took place within 30 days of the vulnerability’s disclosure. Closing this gap is essential for mitigating the risk of successful attacks.
Article written by:
John Stuart
Senior Cybersecurity Analyst