The attack patterns of cybercriminals continue to be based on exploiting human nature, finds the Verizon 2016 Data Breach Investigations Report.
They rely on familiar attack patterns such as phishing, and increase their reliance on ransomware, where data is encrypted and a ransom is demanded.
Phishing tops the list of increasing concerns, where end users receive an email from a fraudulent source.
The study found 89 percent of all attacks involve financial or espionage motivations and 63 percent of confirmed data breaches involve using weak, default or stolen passwords.
Compared to last year’s findings, Ransomware attacks increased by 16 percent this year. Surprisingly, basic defenses continue to be sorely lacking in many organizations.
With regard to the speed in which cybercrime is committed, the report found it took attackers minutes or less to compromise systems.
Furthermore, 2016 report reiterates the need for the basics with regard to cyber security.
- Know what attack patterns are most common for your industry.
- Utilize two-factor authentication for your systems and other applications, such as popular social networking sites.
- Patch promptly.
- Monitor all inputs: Review all logs to help identify malicious activity.
- Encrypt your data: If stolen devices are encrypted, it’s much harder for attackers to access the data.
- Train your staff: Developing security awareness within your organization is critical especially with the rise in phishing attacks.
- Know your data and protect it accordingly. Also limit who has access to it.
Most recently, a Tripwire study found that 90 percent of the IT professionals in the retail sector believe that they could detect a data breach on critical systems in one week or less. That is an increase from 70 percent reported in the previous survey conducted in 2014.
The Tripwire survey finding makes a huge difference compared with a report by Arbor Networks, which says retailers take an average of 197 days to detect advanced threats on their networks.