What do cybersecurity breaches have in common? In general, they are perpetrated by intruders who use stolen or insecure passwords to attack companies and private users for their own financial gain.
This is the common pattern for cyberattacks, according to Verizon’s 2017 Data Breach Investigations Report. The tenth edition of this report confirms that cybercrime is driven by economic reasons. 73% of attacks were for economic reasons and it is no coincidence that financial institutions are the main victim of these attacks (24%).
Although cybercriminals are more prepared, better organized, and using more sophisticated methods, the use of unsafe passwords remains a scourge in the area of security. 81% of attacks are based on insecure or stolen passwords, being the main tactic used. While it is true that there is no such thing as an impregnable system, implementing basic security measures can prevent major catastrophes. At the corporate level, for example, using double-factor authentication and encrypting the most sensitive information will put considerable obstacles in attackers’ paths.
Malware is still a big business
Malware was present in 51% of the cases in which a security breach occurred. This result is due in large measure to the surge of ransomware, whose use is up 50% since 2015, mainly for organized crime. Although it first emerged in 1989, the use of this type of malware has grown exponentially in recent years: ransomware has gone from being the 22nd most common malware variety in 2013 to the 5th in its current position. Most troubling in the report is that, despite the fact that ransomware has a growing presence in the media, companies still rely on outdated security solutions to combat it. In short, they are paying out rewards to regain control of their data rather than investing in security solutions that anticipate and prevent these attacks.
Beyond ransomware, phishing is still one of cybercriminals’ favorite techniques. They used this method in 43% of security breaches, both in cases of cyberespionage and in attacks with economic motives.
The B-side of cybercrime
If 51% of security breaches were malware-related, it means that we have 49% of cases in which there were other causes, including advanced hacking techniques. In the face of such threats, traditional anti-virus protection has no answers: they are advanced attacks that evolve in real time to bypass security measures used by companies or home users.
The Verizon study points out that companies must rethink their protection strategies to defend themselves against such attacks. The best way to combat these advanced threats is with dynamic security solutions that constantly evolve to protect your business. For example, our Adaptive Defense solution uses contextual logic to reveal patterns of malicious behavior and generate cyber-defense actions against known and unknown threats. The Panda platform has blocked more than 2.3 million security breaches in 2016, and remains always a step ahead of cybercriminals.