Ransomware fiends target smaller businesses: The percentage of breaches involving third parties doubled to 30%, highlighting the risks associated with supply chain and partner ecosystems.The prevalence of ransomware attacks also increased, turning up as a factor in 44% of analyzed breaches (compared to 37% in 2024). Ransomware had a disproportionate impact of on small and midsize businesses (SMBs).While larger organizations experience ransomware in 39% of breaches, SMBs grappled with ransomware in 88% of breach incidents.Symptomatic of the trend of ransomware actors to go after smaller targets, there was a noticeable decrease in the median ransom amount paid, which fell to from $150,000 in 2024 to $115,000 in this year’s report.The number of victim organizations that did not pay ransoms was 64%, compared to 50% that refused payment two years ago.
The human factor: Human involvement in cybersecurity breaches stayed around the same as in Verizon’s 2024 DBIR, a factor in 60% of successful attacks. The figure illustrates the ongoing importance of social engineering attacks such as phishing and credential (password and login credential) abuse. To that end, cybercriminals are switching up tactics to make phishing more effective and relying more on infostealer malware to capture credentials.AI is also playing a greater role in cyberattacks and data leak risks. Synthetically generated text in malicious emails has doubled over the past two years, according to Verizon.Meanwhile, 15% of employees routinely accessed generative AI platforms on theircorporate devices, increasing the potential for data leaks, which CISOs are struggling to contain.
Spy games: Verizon estimates that espionage-motivated attacks account for 17% of security breaches, almost trebling in prevalence since 2024.Manufacturing and healthcare sectors faced an increase in espionage-motivated attacks.Microsoft’s Digital Defense Report from November 2024 also noted a rising trend that sees lines blurring between cyberespionage and cybercriminal activity.
Countermeasures: As always, defending against potential attacks relies on developing a multilayered defense strategy.”Businesses need to invest in robust security measures, including strong password policies, timely patching of vulnerabilities, and comprehensive security awareness training for employees,” said Chris Novak, VP of global cybersecurity solutions at Verizon Business.
Countermeasures: As always, defending against potential attacks relies on developing a multilayered defense strategy.”Businesses need to invest in robust security measures, including strong password policies, timely patching of vulnerabilities, and comprehensive security awareness training for employees,” said Chris Novak, VP of global cybersecurity solutions at Verizon Business.
First seen on csoonline.com
Jump to article: www.csoonline.com/article/3970094/cybercriminals-switch-up-their-top-initial-access-vectors-of-choice.html
