13 Key Findings from Verizon’s 2024 Data Breach Investigations Report
Harsh Sahu
CTO
May 2024 | 7 mins
Every year, Verizon releases their Data Breach Investigations Report, which aims to talk about the various threat actor types, the tactics they utilize and the targets they choose for data breaches.
2024 marks the 17th edition of Verizon’s DBIR. The report analyzed 30,458 real-world security incidents, of which 10,626 were confirmed data breaches, with victims spanning 94 countries.
In this blog, we point out the key findings from Verizon 2024 Data Breach InvestigationsReport. These key findings will help you analyze the trends in cybercrime and how your organization can make the best out of this report to secure your most critical and sensitive data.
Threat actors have exploited vulnerabilities in the systems of organizations to enter and exploit their data. This trend has tripled (a 180% rise) from 2023. Credentials and Phishing takes the top spots for pathways of entry for cybercrime.
Roughly one-third of all breaches involved Ransomware (23%) or some other Extortion technique. Pure Extortion attacks have risen over the past year and are now a component of 9% of all breaches. Ransomware was a top threat across 92% of industries.
The human element was a component of 68% of breaches, roughly the same as the previous period 2023 DBIR. Third-party vendor were involved in 15% of all breaches, a 68% rise from previous year, mostly fueled by the use of zero-day exploits for Ransomware and Extortion attacks.
28% of all breaches involved the factor errors as a contributor. This validates that errors are more prevalent than media or traditional incident response-driven bias.
The overall reporting rate of phishing has been growing over the past few years. The median time to click on a malicious link after the email is opened is 21 seconds and then only another 28 seconds for the person caught in the phishing scheme to enter their data. This leads to an alarming finding: The median time for users to fall for phishing emails is less than 60 seconds.
Over the past three years, the combination of Ransomware and other Extortion breaches accounted for almost two-thirds (fluctuating between 59% and 66%) of those attacks. According to the FBI’s Internet Crime Complaint Center (IC3) ransomware complaint data, the median loss associated with the combination of Ransomware and other Extortion breaches has been $46,000, ranging between $3 (three dollars) and $1,141,467 for 95% of the cases.
Similarly, over the past two years, incidents involving Pretexting (the majority of which had Business Email Compromise [BEC] as the outcome) accounted for one-fourth (ranging between 24% and 25%) of financially motivated attacks. In both years, the median transaction amount of a BEC was around $50,000, also according to the FBI IC3 dataset.
External actors acted as the top catalyst for breaches, standing at 65%; while internal actors part has risen to a whopping 35%—a significant increase from previous 20% number.
Financial motive has the clear lead, accounting for almost 92% of the breaches, but it is interesting to note that the espionage motive has increased slightly over last year, from 5% to 7%.
It takes around 55 days to remediate 50% of critical vulnerabilities once their patches are available. As the below figure demonstrates, the patching doesn’t seem to start picking up until after the 30-day mark, and by the end of a whole year, around 8% of them are still open.
Person as an asset has become more involved this year because of the growth of pure extortion action-based breaches. Server remains the top contender for the assets that are exploited during a breach.
Personal data, accounting for almost 60%, a majority, is being targeted the most by cyber criminals. There is also a rise in sensitive personal data breach over the previous year.
Denial of Service (DoS) occupies more than 50% of incidents of data breaches. This pattern has been the most prevalent one for several years now, and you don’t have to think very hard to understand why: DoS attacks are relatively cheap to execute, and it is actually fairly easy for them to be successful, at least until an organization’s defenses are activated to mitigate them.
North American region has the highest number of data breach incidents amongst all region, with financial motive (97%) being the main reason for attack.
Amongst the varieties of threat actors, organized crime-affiliated actors enjoy a substantial majority over their state-sponsored counterparts.
Multiple reports highlights the rising need for a robust and secure ways of handling data. Security at source is more essential than ever, whether the data is in transit or in motion. Moreover, it is important to note that the rising trend of exploitation of sensitive personal data can grow by leaps and bounds, as such data are priced heavily in the dark web channels.
To know how OptIQ can help you secure your most critical business data, such as customer data, set up a quick call with us for a personalized demo of OptIQ’s Data Security Platform.
