Security

Report: Cyberespionage now most popular form of cybercrime in many industries

According to Verizon's 2017 Data Breach Investigations Report, espionage-related attacks are growing in popularity, with malware and phishing still go-to tools for hackers as well.

cybereye.jpg
Image: iStockphoto/a_Taiga

The most common type of cybersecurity attack occurring in industries such as manufacturing, the public sector, and education, is cyberespionage according the Verizon 2017 Data Breach Investigations Report, released Thursday.

For those unfamiliar with the term, cyberespionage takes place when an attacker gains unauthorized entry to a network to access proprietary documents or confidential data. One example could be a hacker looking for company contracts or hardware prototype plans. Of the 2,000 breaches analyzed in the Verizon report, more than 300 fit the espionage category.

Many espionage-related breaches that Verizon looked at in the report started as a phishing email, a press release said. According to the report, 43% of breaches analyzed used phishing as a technique, with 95% of these phishing attacks being used to install software on a victim's machine. This highlights the fact that humans are still a weak link in many organizations' cybersecurity.

"Cyber-attacks targeting the human factor are still a major issue," Bryan Sartin, executive director of Global Security Services for Verizon Enterprise Solutions said in a release. "Cybercriminals concentrate on four key drivers of human behavior to encourage individuals to disclose information: eagerness, distraction, curiosity and uncertainty. And as our report shows, it is working, with a significant increase in both phishing and pretexting this year."

Malware continues to pose a problem for many businesses as well, with 51% of the breach analyzed in the report involving malware in some capacity. Ransomware, where data is locked until a ransom is paid, grew 50% from the previous year's report, becoming the fifth most popular variety of malware. Email-based malware affects manufacturing the most, the report said.

Another growing cyberattack technique is pretexting, a form of social engineering where an attacker falsifies their identity in order to get an employee to send them confidential information. This is especially prevalent in financial institutions, the report said, where it is used to have money transfers completed.

SEE: Guidelines for building security policies (Tech Pro Research)

So, which industries are dealing with the most cybercrime? According to the report, breaches are most common in these three industries: Financial services (24%), healthcare (15%), and the public sector (12%). It's also important to note that it's not just massive corporations that are victims of attacks—61% of the victims analyzed in the report were businesses that had fewer than 1,000 employees.

In the Verizon report, the company looked at data from 42,068 incidents and 1,935 breaches occurring among 84 countries. Some 81% of hacking-related breaches used stolen or guessed passwords.

"Our report demonstrates that there is no such thing as an impenetrable system, but doing the basics well makes a real difference. Often, even a basic defense will deter cybercriminals who will move on to look for an easier target," Sartin said in the release.

The 3 big takeaways for TechRepublic readers

  1. Cyberespionage is the most common cyberattack in manufacturing, the public sector, and education, according to a Verizon report.
  2. Malware is still a huge problem for businesses, and ransomware is up 50% from last year, becoming the 4th most common form of malware.
  3. Companies in financial services, healthcare, and the public sector were most affected, and attacks impacted smaller companies, too.

Also see

About Conner Forrest

Conner Forrest is a Senior Editor for TechRepublic. He covers enterprise technology and is interested in the convergence of tech and culture.

Editor's Picks

Free Newsletters, In your Inbox