Verizon recently published the 2017 edition of the annual Data Breach Incident Report (DBIR). The results are bleak, as ransomware attacks have increased by 50% during the past year.
Analyzing the report, security experts have highlighted two key aspects. The stats reveal that attacks on educational institutions have gone up. The other focal point is a concerning trend in the healthcare sector. According to Verizon, 68% of the breaches in healthcare facilities are internal.
The DBIR uses data from 65 organizations. It accounts for a total of 42,068 incidents, with 1,935 breaches. The observed cases have taken place in 84 different countries.
The results from the DBIR confirm the current trends, such as the shift to small and medium-sized enterprises (SMEs). 61% of the companies which have fallen victim to a data breach have fewer than 1,000 employees.
The statistics show that educational institutions are a favorite target of fraud artists:
- 455 incidents in total with 73 confirmed data disclosures;
- a surge in cyber espionage where 71% of the cases pertain to external attackers;
- the main motive for the attacks is financial, accounting for 45% of all cases;
- 56% of the extorted data was personal with 27% pertaining to secrets and 8% to credentials.
“We haven’t seen the prevalence of attacks we’ve seen in education until this year. If you look back the attacks make pretty good sense. There are grants, research study and a lot of interesting data in .edu,” commented Marc Spitler, Senior Manager at Verizon Security Research.
The healthcare sector discloses more information about attacks, which makes them easier to observe. This is because the Health Insurance Portability and Accountability Act (HIPAA) requires healthcare institutions to make more information public.
In a concerning revelation, only 32% of the perpetrators were found to be external. 68% of the threat actors were identified as internal. 64% of the breaches were made for financial reasons, 23% for fun and 7% because of a grudge. The main types of compromised data were medical (64%) and personal (33%).
The healthcare sector has more sector-specific cyber security issues than any other industry. As Verizon noted: “Insider misuse is a major issue for the Healthcare industry; in fact it is the only industry where employees are the predominant threat actors in breaches. Interestingly enough, insiders’ motives are almost equally divided between financial and fun. This is a product of a lot of sensitive data that may be accessed by legions of staff members containing PII –that is perfect for identity theft– and medical history (sometimes of friends or relatives), that is very tempting for enquiring minds (that want to know!)”.
Other industries, such as the financial and insurance sectors, are targeted mainly for financial gain. Credentials are cited as the primary target, accounting for 71% of the incidents. The most common infiltration pattern is denial-of-service attacks.