The 2021 Verizon Data Breach Report is an annual report that combines data from public and private organizations around the world, including law enforcement agencies, national incident-reporting entities, research institutions, private security firms and the Verizon RISK team. Many cybersecurity professionals feel it provides great insight into current threat actor schemes and what the considerations are for a good cyber risk management strategy.
You may ask, “What is cyber risk?” Cyber risk is associated with financial loss, disruption, or damage done from unauthorized or erroneous use of your electronically stored information whether on a computer, tablet, cell phone, or with the Internet of Things. Each year cybersecurity professionals look forward to reading the 100+ page report to see ‘what’, ‘where’, and ‘who’ is trending in the cyber threat landscape.
Here is a quick summary as seen in the 2021 report:
• Social engineering is the most successful attack
• The top hacking vector in breaches is web application servers
• 85 percent of breaches involved a human element
• Financially motivated attacks are the most common
• Organized crime continues to be the number one attacker
• External cloud assets were compromised more than on-premises assets
• Older vulnerabilities that have not been patched are being exploited by attackers
• Credentials remain one of the most sought-after data types, followed by personal information
• Phishing continues to be one of the top causes of data breaches along with ransomware
In 2020, the FBI’s Internet Crime Complaint Center (IC3) published “The Elder Fraud Report” where they discussed how millions of Americans over the age of 60 were victims of cyber fraud. The type of fraud ranged from financial internet schemes, romance scams, tech support fraud, lottery cons and sweepstake rip-offs. The criminal pretends to be someone trusted and uses tactics of urgency and intimidation to take advantage of their target. The IC3 reported that in 2020 they received a total of 791,790 complaints with losses exceeding $4.1 billion, and these are only the ones that are reported. With approximately 28% of the losses sustained by elderly victims, the losses to seniors resulted in approximately $1 billion in one year!
“What do we do?”
We can all play a part in making the world a safer place. One way is to educate ourselves on how to spot and prevent cybercrime. Another way is to report anything suspicious to the proper government agency as well as to the software provider if a breach has happened.
• If you are a victim of a cyber crime over the internet, report it at www.ic3.gov.
• If you are a victim of a phone or text scam, go to reportfraud.ftc.gov.
Education for our clients at FirsTrust is important to us. Therefore, we have created a Cybersecurity Scorecard that contains questions that will help you determine how well you are currently protected against cybercrime.
Along with this document we created a Cybersecurity Checklist to help you know what you may need to do to fix any identified issues. Please see the document links below and download or print them for your personal use for free.
Stay safe online, friends.