Contrary to what you might have heard, cyber criminals pose a much bigger threat to organisations than employees.
This is the stand-out finding in Verizon’s 2020 Data Breach Investigations Report, debunking speculation that internal actors should now be organisations’ top priority.
The confusion perhaps stems from the fact that incidents involving malicious or negligent insiders have doubled in the past year – from 424 to 881.
However, Verizon believes this is largely because organisations are doing a better job reporting such incidents.
Even with more rigorous reporting, the report found that 70% of security incidents were caused by external actors. These are most likely to be organised crime gangs, although some sectors are also likely to be targeted by state-sponsored attackers.
Attackers are financially motivated
Verizon found that, across both internal and external threat actors, attacks are primarily motivated by financial gain, with 86% of attacks resulting in fraud or information being sold on the dark web.
By contrast, two of the other commonly discussed motives for attacks – revenge and politics – accounted for an almost negligible number of incidents. These are so rare that information is more likely to be breached as a by-product of another attack.
So how exactly do criminals turn their attacks into profit? Two-thirds of incidents were the result of employee error – most likely a case of scammers tricking recipients into clicking a link in a phishing email.
Web applications are another frequent target, with cyber criminals exploiting vulnerabilities that are often caused by employees failing to secure systems. These types of attack occurred in 43% of breaches, more than double last year's figure.
Meanwhile, there was a significant decrease in malware attacks, which for some may come as a major surprise. Malware has historically been practically synonymous with cyber crime, because it is traditionally the most effective way for criminals to compromise an organisation’s systems.
However, Verizon notes that – at least when it comes to less sophisticated attacks – malware tools are no longer necessary when you can get people to hand over their information with a well-crafted phishing email.
Is your organisation prepared?
The evolving threat landscape poses several challenges for organisations. The threat actors may not have changed, but the way they operate has – and organisations must respond in kind.
But doing that is harder than ever. Cyber criminals are specifically targeting human error because it’s a weakness that has no quick fix.
There are no software packages that prevent employees from falling for a phishing email or misconfiguring a database. The only solution is effective policies combined with an effective staff awareness programme.
You might consider starting with a Simulated Phishing Attack to assess how susceptible your employees are to phishing emails.
Do they click a link right away? Do they recognise that it’s a scam and delete it? Do they contact a senior colleague to warn them?
You can use the results to guide your information security measures and to act as a reference point when it comes to staff awareness training.
This service is an ideal complement to our Cyber Security for Remote Workers Staff Awareness E-learning Course.
Anyone who has been working from home during the coronavirus pandemic will know how challenging it is.
Among your biggest concerns are how to navigate the additional cyber security issues – including vulnerable Wi-Fi, targeted scams and your reliance on third-party platforms to communicate with employees.
This online course provides essential guidance on how to manage these and other threats, and comes with monthly security updates to help you stay on top of the latest phishing and ransomware scams.
Want to try this course before buying? We’re offering a two-week free trial; simply add the number of licences you require to your basket and proceed to checkout.