Verizon: Ransomware Involved in 25% of Data Breaches as Credentials and Phishing are Seen as “Key Paths” for Attack Success



ransomware-VBIRWith the much-anticipated annual Verizon Data Breach Investigations Report finally released, we get a view of ransomware from the data breach perspective that points to a common weakness in your security strategy.

When it comes to the state of your organization’s ability to protect itself against cyberattacks – and ransomware, specifically – I truly don’t want to be the one that says “I told you so.” But the new data in Verizon’s Data Breach Investigations Report paints a pretty conclusive picture around why ransomware attacks are so successful.

First off, I need to point out that while 25% of data breaches involve ransomware, that number is nearly double what Verizon found in 2020 – demonstrating that, from the data breach perspective, we’re seeing ransomware attacks begin to encroach themselves as a dominant factor in data breaches (and will likely continue to do so).

So, what’s helping ransomware-involved data breaches be so successful? In a word… users.

According to Verizon, 82% of data breaches (ransomware included) involve “the human element” (which Verizon cites as including “Use of stolen credentials, Phishing, Misuse, or simply an Error”). Take a look at the chart below from the report, showing the action varieties found within ransomware-involved incidents:

Verizon: Ransomware Involved in 25% of Data Breaches as Credentials and Phishing are Seen as “Key Paths” for Attack Success

What you should notice is that three of the four (desktop sharing software, direct install, and email) all imply access to either a user’s endpoint or their web-based email. And how does one get such access? Usually through phishing attacks intent on either compromising credentials (in the case of email) or the user’s endpoint (in the case of desktop sharing software and direct install).

Verizon calls credentials and phishing two of “the four key paths leading to your estate” (in addition to exploiting vulnerabilities and botnets). They go on to state “These four pervade all areas of the DBIR, and no organization is safe without a plan to handle them all.”

Let’s sum this one up, shall we?

Ransomware is on the rise, users are involved somehow in a majority of all data breaches, threat actors gain access to endpoints and email, and phishing pervades all of this. Seems to me that the issue here (when you rewind the clock back to the initial threat actions that allow these ransomware incidents to occur) is users falling prey to phishing attacks – something easily either reduced or remedied with Security Awareness Training.

There’s no more respected or trusted report out there than the Verizon DBIR. So if Verizon is telling you users are the key to successful ransomware attacks, and that phishing is one of the keys to your kingdom, you need to be doing something about it to mitigate the user risk that exist within your organization.


Free Phishing Security Test

Would your users fall for convincing phishing attacks? Take the first step now and find out before bad actors do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

PST ResultsHere's how it works:

  • Immediately start your test for up to 100 users (no need to talk to anyone)
  • Select from 20+ languages and customize the phishing test template based on your environment
  • Choose the landing page your users see after they click
  • Show users which red flags they missed, or a 404 page
  • Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
  • See how your organization compares to others in your industry

Go Phishing Now!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

https://www.knowbe4.com/phishing-security-test-offer

Topics: Phishing, Ransomware

Subscribe To Our Blog


Ransomware Hostage Rescue Manual




Get the latest about social engineering

Subscribe to CyberheistNews