Incidents of phishing picked up dramatically over the past year, according to the newly released Verizon 2016 Data Breach Investigations Report, which analyzed more than 2,260 confirmed data breaches and more than 100,000 reported security incidents.
Some key findings of the report:
- Eighty-nine (89) percent of all attacks involve financial or espionage motivations.
- Most attacks exploit known vulnerabilities that have never been patched despite patches being available for months, or even years. In fact, the top 10 known vulnerabilities accounted for 85 percent of successful exploits.
- Sixty-three (63) percent of confirmed data breaches involve using weak, default or stolen passwords.
- 95 percent of breaches and 86 percent of security incidents fall into nine patterns
- Ransomware attacks increased by 16 percent over 2015 findings.
- Basic defenses continue to be sorely lacking in many organizations.
"The Data Breach Investigations Report's increasing importance to businesses, law enforcement and governmental agencies demonstrates a strong desire to stay ahead of cybercrime," said Chris Formant, president of Verizon Enterprise Solutions. "Now more than ever, the collaboration and contributions evidenced in the DBIR from organizations across the globe are required to fully understand the threat landscape. And understanding is the first step toward addressing that threat."
"You might say our findings boil down to one common theme -- the human element," said Bryan Sartin, executive director of global security services, Verizon Enterprise Solutions. "Despite advances in information security research and cyber detection solutions and tools, we continue to see many of the same errors we've known about for more than a decade now."
The full report is online.
http://news.verizonenterprise.com/2016/04/2016-data-breach-report-info/