Cyber criminals increasingly targeting HR: Verizon
Individuals, companies, and governments are increasingly adopting digital technologies for the many benefits they offer. However, this rapid rise has also given birth to new-age vulnerabilities and threats that are entirely virtual in nature.
Nearly one year back, the WannaCry ransomware attacks, probably the biggest and most infamous of its kind, not only affected millions of individuals, thousands of companies and halted critical services – but also helped the society realize just how vulnerable it is.
Thus, it becomes critical to have an objective look at these threats, assess their strength, study instances of breaches and prepare for a safer future. The Verizon 2018 Data Breach Investigation Report (DBIR) does that, and some more. The Verizon 2018 (DBIR) – currently in its 11th edition – was released last month and has an analysis of over 53,000 ransomware incidents and 2,216 cybersecurity breaches from 65 countries and 67 contributing organizations.
Following are some of the business and HR related findings of the report:
- Ransomware attacks have doubled since the last year and are increasingly targeting business critical systems.
- The attacks are usually carried out using via unsuspecting employees, who infiltrate business systems.
- The HR department is specifically targeted in order to steal information on employee wages and taxes; to be misused for tax frauds and rebates.
- 170 such incidents were reported this year, as compared to 61 last year. Of these, 88 were specifically targeted towards HR staff to obtain personal data of employees.
- The instances of pretexting – a social engineering technique which involves the creation of false situations to obtain sensitive information – have gone up over five times in the last year.
- Financial pretexting and phishing represent 98% of social incidents and 93% of all breaches investigated.
- In 96% of the cases, email was the main entry point.
- Organisations are about three times more likely to get breached by social attacks than via actual vulnerabilities.
- Ransomware came out at the most common form of malicious software as it was found in 39% of all malware-related cases studied this year. Just four years back in 2014, it was the 22nd most malicious software.
- The report says that hackers exploit the ‘human factor’ and target ‘non-IT personnel’, which they consider to be the most vulnerable and easy to infiltrate.
- Industries identified as more vulnerable by the report are education, financial and insurance, healthcare, information and public sector.
- The sources of the attacks were found to be: outsiders (72%), insiders (27%), partners (2%) and multiple partners (2%).
- Organized crime groups were responsible for 50% of the attacks analyzed.
- Hackers are targeting businesses and corporations because they can make bigger ransom demands, and can thus, become more profitable, with lesser work.
"Employees should be a business’s first line of defense, rather than the weakest link in the security chain. Ongoing training and education programs are essential. It only takes one person to click on a phishing email to expose an entire organization... Companies also need to continue to invest in employee education about cybercrime and the detrimental effect a breach can have on a brand, reputation, and the bottom line.”- Bryan Sartin, Executive Director, Security Professional Services, Verizon
The findings of the report spell it out loud and clear: cyber attacks targeting business critical systems are on the rise. Thankfully, in addition to making employees aware and investing in sophisticated security technologies, the report lists some practical steps for organizations to prevent, or at least reduce, the chances of being under a cyber attack.
Following precautions need to be taken –
- Stay vigilant - log files and change management systems can give you early warning of a breach.
- Make people your first line of defense - train staff to spot the warning signs.
- Keep data on a “need to know” basis - only employees that need access to systems to do their jobs should have it.
- Patch promptly - this could guard against many attacks.
- Encrypt sensitive data - make your data next to useless if it is stolen.
- Use two-factor authentication - this can limit the damage that can be done with lost or stolen credentials.
- Don’t forget physical security - not all data theft happens online.