According to the results of Verizon’s 2016 Data Breach Investigations Report, released on Wednesday (April 27), cybercriminals have become quite adept at using their victims’ human nature against them in order to get what they want.
The annual study found that hackers are continuing to rely on attack methods such as phishing and ransomware, both of which enable them to capitalize on the element of human error.
For example, the study found that nearly 63 percent of confirmed data breaches involved using weak, default or stolen passwords. The data also shows that most cyberattacks exploit vulnerabilities that are known to the targeted organization and have never been addressed, even if security patches have been available for months or years.
“In fact, the top 10 known vulnerabilities accounted for 85 percent of successful exploits,” a press release stated.
In a statement about the report, Chris Formant, president of Verizon Enterprise Solutions, said:
“The Data Breach Investigations Report’s increasing importance to businesses, law enforcement and governmental agencies demonstrates a strong desire to stay ahead of cybercrime. Now, more than ever, the collaboration and contributions evidenced in the DBIR from organizations across the globe are required to fully understand the threat landscape. And understanding is the first step toward addressing that threat.”
The report shows phishing — when emails that seemingly look legitimate are actually sent from unauthorized fraudulent parties — in particular has seen a particular surge over the last year. Roughly 30 percent of phishing messages were opened, which Verizon noted as an “alarming” number, marking a 23 percent increase compared to 2015.
“You might say our findings boil down to one common theme — the human element,” Bryan Sartin, executive director of global security services at Verizon Enterprise Solutions, explained. “Despite advances in information security research and cyberdetection solutions and tools, we continue to see many of the same errors we’ve known about for more than a decade now. How do you reconcile that?”