There are certain things in the cybersecurity world that tend to stay the same from year to year, such as phishing being the number one delivery method for malware.
But there are other things that are always evolving when it comes to IT security. Not knowing what’s changing and what new threats are emerging can put your business security at risk.
Hackers are always evolving their attack methods, trying new ways around sophisticated anti-malware and firewall systems. They also are looking to exploit any vulnerabilities and human errors that they can.
Keeping up with the latest studies on the methods hackers are using to gain access to your data can ensure you’re ready to defend against them. It also ensures that your IT security strategy is kept up to date and effective.
One of the major reports that comes out every year in the area of cybersecurity is Verizon’s Data Breach Investigation’s Report (DBIR). We’ve taken a thorough look through the report to bring you the latest findings that will impact your New Jersey company’s data security.
Cybersecurity Insights from the Latest Cyber Attack Study
This report puts together data from 157,525 cybersecurity incidents and 3,950 data breaches over 16 different industries in 81 countries.
The report defines the difference between “cybersecurity incident” and “data breach” as follows:
- Incident: A security issue that compromises the integrity, confidentiality or availability of an IT resource.
- Breach: A security issue that results in the confirmed disclosure of data to an unauthorized party.
Here are some of the biggest findings on the new attack vectors and IT security vulnerabilities to be aware of.
Misconfigurations of Security Settings are the #2 Cause of Breaches
Have you been handling the security settings for your cloud services, like Microsoft 365 and others yourself? You may be leaving yourself vulnerable to a breach and not even realize it.
A major finding of the report was that misconfiguration of security settings has jumped to the second most prevalent cause of data breaches, right behind hacking.
Cloud security has become more important than ever and configuring security settings isn’t something you want to guess at. It’s a good idea to have an IT professional ensure your configurations are where they need to be so you’re not left at risk.
Phishing Continues to Be Dangerous
Phishing continues to be one of the most dangerous threat actions when it comes to both cybersecurity incidents and data breaches.
It’s the #2 threat action used in cyber incidents and #1 when it comes to data breaches. These days, phishing often uses links rather than attachments to inject your PC with dangerous code. This allows it to get past weaker antivirus programs.
Web protection that blocks malicious websites even after a URL is clicked is vital to help combat phishing. It’s one of the services offered in our Pro-Active Support Program.
Password Dumpers are Now the #1 Malware Used in Attacks
Ransomware, which continues to plague many business systems, dropped to the third most delivered malware. Malware that captures app data is number two… and in the number one spot is password dumpers malware.
Credential theft has become a big source of income for hackers. Using stolen user credentials allow them to get past many system safeguards and gain direct access to all kinds of system data and resources.
Password dumpers look for any type of username/password database that may be stored on a device or web application. They then “dump” those credentials out for the hacker to steal and sell on the Dark Web.
User Credentials are the Most Sought After “Prize” in Phishing
Phishing emails, which are the cause of most malware and hacking incidents, deliver 96% of those cyberthreats. What are hackers after the most in these phishing attacks? User credentials.
This statistic goes hand in hand with the password dumpers. These stats show that getting user passwords has become the main objective of a majority of cyberattacks.
The main types of data being sought in phishing emails are:
- Login credentials (about 60%)
- Personal information (about 50%)
- Internal data (about 20%)
- Medical data (about 18%)
- Bank information (about 15%)
Protecting your business from credential theft means taking a two-pronged approach.
First, you want to ensure users have strong password management practices in place, so passwords are less likely to be compromised.
Second, you need to have technical protections in place to prevent a breach should a user credential be compromised. This includes things like managed antivirus, WebProtection, and IPS firewall protection (all of which are available in our Pro-Active Support Program.
Keep Your Business Protected Against the Newest Cyber Threats
A Pro-Active Support Program with Two River Computer can ensure your business is protected on multiple fronts from all the latest cyberattack methods hackers are using.
Contact us today to sign up or learn more. Call 732-747-0020 or reach us online.