Among Financial and insurance industries, 83 per cent of data breach cases were of personal data, while in Professional, Scientific and Technical services industries only 49 per cent was personal
As most of the people are working from home due to COVID, there has been a surge in cyber-crime. The year 2021 has seen 5,258 data breach cases across the globe, a third more breaches analysed than last year, according to a report on Thursday.
29,207 security incidents from data collected from 83 contributors, with victims spanning 88 countries, 12 industries, and three world regions were analysed by the 14th edition of Data Breach Investigations Report (2021 DBIR) by Verizon Business.
With an unprecedented number of people working remotely, phishing and ransom-ware attacks increased by 11 per cent and 6 per cent respectively, with instances of misrepresentation increasing by 15 times compared to last year, showed the Data Breach Investigations Report.
Additionally, breached data showed that 61 per cent of breaches involved credential data. About 95 per cent of organisations suffering credential stuffing attacks had between 637 and 3.3 billion malicious login attempts through the year.
“The Covid-19 pandemic has had a profound impact on many of the security challenges organisations are currently facing”, said Tami Erwin, CEO, Verizon Business, in a statement.
“As the number of companies switching business-critical functions to the cloud increases, the potential threat to their operations may become more pronounced, as malicious actors look to exploit human vulnerabilities and leverage an increased dependency on digital infrastructures”, Erwin added.
Among Financial and insurance industries, 83 per cent of data breach cases were of personal data, while in Professional, Scientific and Technical services industries only 49 per cent was personal.
Further, the Data Breach Investigations Report also revealed that in Asia Pacific regions, many breaches that took place were caused by financially motivated attackers – phishing employees for credentials, and then using those stolen credentials to gain access to mail accounts and web application servers.
Basic web application attacks, system intrusion, and social engineering were seen by European, Middle East and African regions, while Northern America was the target of financially motivated cyber criminals searching for money or easily monetisable data. Social engineering, hacking and malware continued to be the favoured tools utilised by cyber criminals in this region.