HIPAA Times news | Concise, reliable news and insights on HIPAA compliance and regulations

Analysis of the 2024 Verizon Data Breach Investigations Report

Written by Farah Amod | Sep 4, 2024 12:15:00 PM

The Verizon Data Breach Investigations Report (DBIR) has long been a trusted resource for security professionals, offering an analysis of the latest trends and insights into the world of cybercrime. The 2024 edition of this annual report provides a wealth of data-driven findings that show the most pressing security challenges organizations face today.

 

Highlights from the 2024 Verizon DBIR

Record-breaking breach caseload

The 2024 DBIR analyzed 30,458 real-world security incidents, with a record-breaking 10,626 confirmed data breaches impacting victims in 94 countries. The increase in the number of breaches analyzed, compared to just 5,000 in the previous year's report, underscores the relentless onslaught of cyber threats organizations are dealing with.

 

Stolen credentials

Stolen credentials remain a persistent thorn in the side of security professionals, with the use of compromised login details accounting for 24% of breaches as the initial action taken by attackers. This finding is reinforced by the report's analysis of credential marketplaces, which revealed over 1,000 credentials being posted for sale daily, at an average price of $10 per set.

 

The pervasive threat of phishing

While stolen credentials continue to be a primary attack vector, the report also discusses the ongoing threat of phishing, which accounts for 14% of breaches involving compromised credentials. The short median time of less than 60 seconds for users to fall victim to phishing emails reflects the need for effective security awareness training and end-user education.

 

Malware

Malware remains a formidable tool in the cybercriminal's arsenal, with the report finding that 70% of incidents involved the deployment of ransomware. Additionally, the exploitation of vulnerabilities and backdoors was identified as a prevalent component of malware-based attacks. The report's findings on infostealer malware and mobile banking trojans further reiterate the diverse and persistent nature of malware threats.

 

The ransomware epidemic

Ransomware and extortion techniques were involved in 32% of all breaches, with ransomware attacks alone accounting for 23% of the total. The widespread impact across 92% of industries illustrates the pervasive and growing threat of these types of attacks. The report also revealed an increase in the median ransom demand, now standing at 1.34% of the victim's total revenue, with actual payments reaching a median of around $46,000.

 

Industry-specific insights

The 2024 DBIR provides a wealth of industry-specific insights, outlining the challenges faced by various sectors. For instance, the financial and insurance industry saw system intrusion accounting for 29% of breaches, with financial data and credentials frequently compromised. The healthcare sector struggled with a surge in social engineering attacks, while the manufacturing industry faced a rise in ransomware incidents.

 

Third-party risks

The report highlights the growing threat of third-party risks, with 15% of breaches involving third-party infrastructures, such as partner networks and software supply chain issues. These metrics serve as a reminder to secure the entire ecosystem and carefully vet the security posture of all business partners and vendors.


 

Mitigating the cybersecurity threat 

The insights from the 2024 Verizon DBIR reveal the need for organizations to adopt a multilayered approach to cybersecurity. Effective strategies include:

  • Strengthening password hygiene: Implementing password management practices, such as mandatory use of unique, complex passwords and enabling multi-factor authentication, can reduce the risk of credential-based attacks.
  • Enhancing security awareness: Employee training programs that educate users on recognizing and responding to phishing attempts, social engineering tactics, and other common attack vectors can help mitigate the human element of cybersecurity risks.
  • Proactive vulnerability management: Regularly updating and patching software, as well as actively monitoring for and remediating known vulnerabilities, can help organizations stay one step ahead of malware-based threats.
  • Ransomware preparedness: Developing and regularly testing incident response and business continuity plans, as well as implementing data backup and recovery strategies, can help organizations better withstand and recover from ransomware attacks.
  • Ecosystem security: Carefully vetting the security practices of third-party partners and suppliers, and implementing supply chain risk management strategies, can help organizations mitigate the risks posed by their extended digital ecosystem.
  • Data-centric security: Adopting a data-centric approach to security, where the focus is on consistently identifying, classifying, and protecting sensitive data wherever it resides, can help organizations better safeguard their most valuable assets.
  • Embracing zero trust: Implementing zero trust principles, which continuously verify every user and device, can help organizations reduce their reliance on implicit trust in internal users and limit the potential damage from human errors or malicious actions.


 

FAQs

What is a data breach?

A data breach is an incident where sensitive, protected, or confidential data is accessed, disclosed, or stolen by unauthorized individuals. This can include personal information such as names, social security numbers, credit card details, and medical records. Data breaches can occur through various means, such as hacking, malware attacks, insider threats, or inadequate security measures.

 

Can legal action result from a data breach?

Yes, legal action can result from a data breach, as affected individuals or organizations may sue for damages caused by the breach.

 

How can healthcare organizations prevent data breaches?

Healthcare organizations can reduce the risk of data breaches by implementing strong cybersecurity measures, conducting regular security training for employees, and using encryption to protect sensitive data. 

 

What should a healthcare organization do immediately after discovering a data breach?

Upon discovering a data breach, a healthcare organization should contain the breach, assess the scope of the impact, notify affected individuals and relevant authorities, and begin an investigation to understand how the breach occurred and how to prevent future incidents.
