With most people working from home, due to the Coronavirus pandemic, cybercrime has increased. The year 2021 saw 5,258 data breaches across the globe, a third more breaches analyzed than last year, according to a report on Thursday.
The 14th edition of the Data Breach Investigations Report (2021 DBIR) by US-based Verizon Business analyzed 29,207 security incidents from data collected from 83 contributors, with victims spanning 88 countries, 12 industries, and three world regions.
The report showed that with an unprecedented number of people working remotely, phishing and ransomware attacks increased by 11 percent and 6 percent, respectively, with instances of misrepresentation increasing by 15 times compared to last year.
Additionally, breached data showed that 61 percent of breaches involved credential data. About 95 percent of organizations suffering credential stuffing attacks had between 637 and 3.3 billion malicious login attempts through the year.
Elegant Themes - The most popular WordPress theme in the world and the ultimate WordPress Page Builder. Get a 30-day money-back guarantee. Get it for Free
“The Covid-19 pandemic has had a profound impact on many of the security challenges organisations are currently facing,” said Tami Erwin, CEO of Verizon Business, in a statement.
“As the number of companies switching business-critical functions to the cloud increases, the potential threat to their operations may become more pronounced, as malicious actors look to exploit human vulnerabilities and leverage an increased dependency on digital infrastructures,” Erwin added.
Among Financial and insurance industries, 83 percent of data compromised in breaches was personal data, while in Professional, Scientific and Technical Services industries, only 49 percent was personal.
Further, the 2021 DBIR report also revealed many breaches that took place in Asia Pacific regions were caused by financially motivated attackers — phishing employees for credentials and then using those stolen credentials to gain access to mail accounts and web application servers.
Europe, the Middle East and Africa regions saw basic web application attacks, system intrusion, and social engineering, while Northern America was the target of financially motivated cyber criminals searching for money or easily monetisable data. Social engineering, hacking and malware continued to be the favoured tools utilised by cyber criminals in this region.