Executives in cyberattack firing line

Members of the so-called C-suite – executives such as chief risk officer, chief finance officer, and so on – were twelve times more likely to be the target of social cyberattack incidents over the last twelve months, according to the latest Verizon study. They were also nine times more likely to be the target of social breaches than in years past, Verizon’s 2019 data breach investigations report found.

“To further underline the growth of financial social engineering attacks, both security incidents and data breaches that compromised executives rose from single digits to dozens in this report,” it added, alerting risk managers to the increased risk of executives falling foul of cybersecurity threats.

Cloud

In addition, as companies continue to move systems and services to the cloud, including email and other valuable data, criminals have shifted their focus to those platforms. “Consequently, there’s been a corresponding increase in hacking cloud-based email servers via the use of stolen credentials,” the report said. “This is not an indication that cloud-based services are less secure, however. It is simply that phishing attacks, credential theft and configuration errors are a natural by-product of the process.”

While ransomware attacks have become less prominent in the media, the practice is still prevalent, Verizon found. Such attacks account for about one quarter of all incidents in which malware was used to gain access to systems.

Fewer clicks

On the plus side, people seem to be much more aware of the danger of phishing attacks. Click-through rates on phishing simulations for data partners fell from 24% to 3% during the past seven years, Verizon said. However, almost one in five people who clicked on test phishing links did so on mobile devices.

“Research shows mobile users are more susceptible to phishing, probably because of their user interfaces and other factors,” the company said. “This is also the case for email-based spear phishing and social media attacks.”

As data breaches continue to create serious problems for their victims, growth in the incident response market is picking up. Over the next five years, the incident response market is expected to register a 17.1% CAGR in terms of revenue, with the global market size potentially reaching US$ 24 billion by 2024, from US$ 11 billion in 2019, according to Market Study Report.

Data breach best practices

Keep it clean. Many breaches are a result of poor security hygiene and a lack of attention to detail. Clean up human error where possible, then establish an asset and security baseline around internet-facing assets like web servers and cloud services.

Maintain integrity. Web application compromises now include code that can capture data entered into web forms. Consider adding file integrity monitoring on payment sites, in addition to patching operating systems and coding payment applications.
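The file integrity monitoring the “Maintain integrity” item recommends comes down to three steps: hash every file under the web root once, store that baseline, and periodically re-hash and diff. The script below is an added illustration, not code from the report or from Verizon; the directory layout and file names in `demo()` are constructed, and the baseline format (a JSON map of relative path to SHA-256) is an assumption of this example.

```python
"""Minimal file integrity monitoring (FIM): hash a directory tree, store a
baseline, and report files that were added, removed or modified since."""
import hashlib
import json
import os
import sys
from pathlib import Path


def hash_file(path: Path, chunk_size: int = 65536) -> str:
    """Return the SHA-256 hex digest of a file, reading it in chunks so large
    uploads or media files do not have to fit in memory."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_baseline(root) -> dict:
    """Walk `root` and map each file's path (relative, POSIX style) to its digest."""
    root_path = Path(root)
    snapshot = {}
    for dirpath, _dirs, files in os.walk(root_path):
        for name in files:
            full = Path(dirpath) / name
            snapshot[full.relative_to(root_path).as_posix()] = hash_file(full)
    return snapshot


def save_baseline(snapshot: dict, dest) -> None:
    """Persist the baseline as JSON. Store it somewhere the web server cannot
    write to, otherwise an attacker who changes a page can re-baseline it."""
    Path(dest).write_text(json.dumps(snapshot, indent=2, sort_keys=True))


def load_baseline(src) -> dict:
    return json.loads(Path(src).read_text())


def compare(baseline: dict, current: dict) -> dict:
    """Diff two snapshots; every list is sorted so reports are stable."""
    both = set(baseline) & set(current)
    return {
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
        "modified": sorted(p for p in both if baseline[p] != current[p]),
    }


def demo() -> dict:
    """Constructed walk-through: snapshot a throw-away payment-page tree, then
    tamper with it and diff. Returns the comparison result."""
    import tempfile
    root = Path(tempfile.mkdtemp(prefix="fim-demo-"))
    (root / "js").mkdir()
    (root / "index.php").write_text("<?php /* constructed sample */ ?>\n")
    (root / "js" / "checkout.js").write_text("// constructed sample\n")
    baseline = build_baseline(root)
    # Simulate the three kinds of change an operator wants to hear about:
    # an edited script, a new file dropped into the tree, a page removed.
    (root / "js" / "checkout.js").write_text("// constructed sample, modified\n")
    (root / "js" / "extra.js").write_text("// constructed sample, new file\n")
    (root / "index.php").unlink()
    return compare(baseline, build_baseline(root))


if __name__ == "__main__":
    # usage: fim.py baseline <dir> <baseline.json>   (take the snapshot)
    #        fim.py check    <dir> <baseline.json>   (report drift)
    if len(sys.argv) == 4 and sys.argv[1] == "baseline":
        save_baseline(build_baseline(sys.argv[2]), sys.argv[3])
    elif len(sys.argv) == 4 and sys.argv[1] == "check":
        print(json.dumps(compare(load_baseline(sys.argv[3]),
                                 build_baseline(sys.argv[2])), indent=2))
    else:
        print(json.dumps(demo(), indent=2))
```

Run `check` from cron or a deployment hook and treat any non-empty `modified` or `added` list on a payment page as an incident until explained by a known deployment; the baseline should be regenerated only as part of a change-controlled release.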

Redouble your efforts. Use 2-factor authentication for everything. Use strong authentication on customer-facing applications, any remote access and cloud-based email. There are examples of 2-factor authentication vulnerabilities, but they don’t excuse a lack of implementation.

Be wary of inside jobs. Track insider behaviour by monitoring and logging access to sensitive data. Make it clear to staff just how good you are at recognizing fraudulent transactions.
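“Monitoring and logging access to sensitive data” only pays off if someone reviews the log for patterns, so here is an added example (not from the report) of three simple rules run over constructed access-log lines: access to sensitive records outside business hours, export of a sensitive record, and one user touching many sensitive records within a short window. The log format, user names, record ids and thresholds are all assumptions made for this illustration.

```python
"""Insider-activity detection over a sensitive-data access log (constructed sample)."""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample: one record access per line, key=value fields after the timestamp.
SAMPLE_LOG = """\
2019-05-08T09:12:01Z user=asmith action=read record=CUST-1001 classification=sensitive
2019-05-08T09:15:44Z user=asmith action=read record=CUST-1002 classification=sensitive
2019-05-08T10:02:13Z user=bjones action=read record=CUST-2200 classification=public
2019-05-08T14:00:01Z user=dlee action=read record=CUST-4001 classification=sensitive
2019-05-08T14:01:09Z user=dlee action=read record=CUST-4002 classification=sensitive
2019-05-08T14:02:30Z user=dlee action=read record=CUST-4003 classification=sensitive
2019-05-08T14:03:55Z user=dlee action=read record=CUST-4004 classification=sensitive
2019-05-08T14:04:12Z user=dlee action=read record=CUST-4005 classification=sensitive
2019-05-08T23:41:09Z user=cdoe action=read record=CUST-3001 classification=sensitive
2019-05-08T23:41:10Z user=cdoe action=export record=CUST-3002 classification=sensitive
"""


def parse_line(line: str) -> dict:
    """Turn 'TIMESTAMP k=v k=v ...' into a dict with a parsed datetime under 'ts'."""
    ts, *pairs = line.split()
    event = dict(pair.split("=", 1) for pair in pairs)
    event["ts"] = datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ")
    return event


def detect(lines, business_hours=(8, 18), bulk_threshold=5,
           bulk_window=timedelta(minutes=60)) -> list:
    """Return a list of alert dicts ({'rule', 'user', 'detail'}) for the log lines."""
    alerts = []
    sensitive_by_user = defaultdict(list)
    for raw in lines:
        raw = raw.strip()
        if not raw:
            continue
        ev = parse_line(raw)
        if ev.get("classification") != "sensitive":
            continue  # only sensitive records are in scope for these rules
        sensitive_by_user[ev["user"]].append(ev)
        if not business_hours[0] <= ev["ts"].hour < business_hours[1]:
            alerts.append({"rule": "off_hours_access", "user": ev["user"],
                           "detail": f"{ev['action']} {ev['record']} at {ev['ts'].isoformat()}"})
        if ev["action"] == "export":
            alerts.append({"rule": "sensitive_export", "user": ev["user"],
                           "detail": f"export of {ev['record']}"})
    # Bulk rule: sliding window over each user's sensitive accesses, sorted by time.
    for user, events in sensitive_by_user.items():
        events.sort(key=lambda e: e["ts"])
        start = 0
        for end in range(len(events)):
            while events[end]["ts"] - events[start]["ts"] > bulk_window:
                start += 1
            if end - start + 1 >= bulk_threshold:
                alerts.append({"rule": "bulk_access", "user": user,
                               "detail": f"{end - start + 1} sensitive records within "
                                         f"{int(bulk_window.total_seconds() // 60)} minutes"})
                break  # one bulk alert per user is enough for the reviewer
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG.splitlines()):
        print(f"[{alert['rule']}] {alert['user']}: {alert['detail']}")
```

The thresholds are deliberately crude; in practice they are tuned per role (a fraud analyst legitimately reads many customer records) and the alerts feed a review queue rather than an automatic block, which is exactly the visibility that lets you tell staff you can recognise unusual activity.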

Scrub packets. Distributed denial of service (DDoS) protection is an essential control for many industries. Guard against non-malicious interruptions with continuous monitoring and capacity planning for traffic spikes.

Stay socially aware. Social attacks are effective ways to capture credentials. Monitor email for links and executables. Give your teams ways to report potential phishing or pretexting.

Source: Verizon 2019 data breach investigations report

About Enterprise Risk Magazine

Enterprise Risk Magazine is the leading quarterly title for risk managers and enterprise risk, with a print circulation of over 5,500.

Enterprise Risk is published on behalf of the Institute of Risk Management (IRM). The majority of IRM members receive their copy of Enterprise Risk at their home address, meaning the title...