US carrier Verizon launched a cooperative investigation into eleven years’ worth of data breaches and found that ransomware is the most popular form of malware used in breaches these days. The results of the investigation that was jointly conducted with a number of companies throughout the tech space have been published in a document called the Data Breach Investigations Report. Globally, 67 different companies and security entities contributed data to the report, covering both firsthand investigations into data breaches from within the victimized companies and investigations into other companies’ data breaches from the likes of security firms. The report’s results come from data on over 53,000 separate and unique security incidents across various industries, constituting a total of 2,347 confirmed data breaches.
The report found that breaches most often came through web applications, with that category taking up 21-percent of total breach incidents in the survey sample. Lost and stolen corporate assets, surprisingly, made up only 8-percent of total breaches, likely thanks in no small part to built-in device security measures and remote security measures that can be taken once a loss is confirmed. Within the most popular category of web app breaches, retail took the cake with 35-percent of total incidents, while healthcare chalked up 19-percent of total breaches in the sample. Of the total incidents in the sample, denial of service was the most popular category of events at 41-percent, while the arguably more dangerous cyber espionage accounted for less than 1 percentage point of all major incidents in the sample set.
The report sends a clear message; dynamic and always evolving security remains crucial. Threats are ever-changing, and once something catches on, it can be shifted in subtle ways to elude security personnel. Ransomware is one of the key examples of this trend; it came on the scene a long time ago but didn’t achieve any real measure of popularity in the underground until the mid to late 2010s. Once the world-shaking Petya ransomware made its mark on the space, ransomware as a whole took off, with all sorts of methods to get it into a machine. Everything from privilege hijacking to social engineering has been fair game to get ransomware into systems since, and once a piece of ransomware is in, there’s no guarantee that paying off the hackers will actually work, or that the malware isn’t doing other things behind the scenes while it threatens to do away with all of your data, making it a near-perfect vehicle for data breaches.