Verizon's Business 2020 Data Breach Investigation Report (2020 DBIR) found that over 90% of data breaches were financially motivated as hackers look to remain financially solvent.
Based on a study of 32,002 incidents and 3,950 confirmed incidents across 81 countries, the report also highlighted a 43% spike in web application breaches.
According to those surveyed, financially motivated breaches accounted for 91% of cyber security incidents in Northern America, compared to 70% of breaches Europe, the Middle East and Africa and 63% in the Asia Pacific region. In North America, 79% of hacking breaches leveraged stolen credentials in their attacks, while 33% of breaches employed phishing or pretexting techniques.
Ransomware in the wild again Is mobile malware really a risk? Ten of the most infamous ‘black hat’ hackers Demand for tougher data breach legislation
In Europe, the Middle East and Africa, over 80% of malware incidents pointed to denial of service (DoS) attacks while 40% of breaches used a combination of techniques to target vulnerable web applications. Another 14% of breaches have been associated with cyber-espionage.
Alex Pinto, lead author of the report commented: “Security headlines often talk about spying, or grudge attacks, as a key driver for cyber crime - our data shows that is not the case. Financial gain continues to drive organized crime to exploit system vulnerabilities or human error.
"The good news is that there is a lot that organizations can do to protect themselves, including the ability to track common patterns within cyber attack journeys - a security game-changer - that puts control back into the hands of organizations around the globe.”
The 2020 DBIR also took note of a 43% increase in web application breaches, double the number reported in 2019. In 80% of these cases, threat actors used stolen credentials to carry out their campaigns. Cases of ransomware also grew by 3% to account for 27% of all malware attacks, and 18% of businesses reported they blocked at least one ransomware attack in 2019.
Tami Erwin, CEO of Verizon Business, warned: "In addition to protecting their systems from attack, we urge all businesses to continue employee education as phishing schemes become increasingly sophisticated and malicious."
