Verizon: the impact of COVID-19 on data breaches
“We have seen organizations quickly move their workforces en-mass to remote working; e-commerce has increased, with many industries - and especially retail and food services now relying more heavily on their online presence and cloud-based workflows; and health providers have also moved to online service delivery, to name just a few industries the pandemic has impacted,” commented .
However, while organisations have made rapid changes in response to the outbreak, Verizon believes that “Unfortunately, in these times of rapid change and confusion, cybercriminals have been watching and looking to capitalise on any opportunity for financial gain. In order to shed light on the increasing number of threat actors worrying cyber security specialists, our renowned DBIR team has generated a three-month analysis - entitled “” - which brings these threats under the spotlight.”
Within the analysis report the study focuses on 36 confirmed data breaches which have been identified as a direct relation to COVID-19. In addition the study reviews 474 data breach incidents from March to June 2020. Verizon combines this data with their collective years of experience to determine cyber trends that have impacted businesses.
Prior to COVID-19, Verizon explains that cybercriminals were successfully using tried and tested methods to obtain data. It goes without saying that if these tactics worked in a stable business environment, they have been working even better in an era of unprecedented disruption. Criminals are ultimately lazy in their approaches and, faced with a larger attack surface than usual during the pandemic, there has been no need to invent new attack strategies to achieve their goals.”
Based on its research, Verizon has seen the use of four common factors:
- Increase in error: “human error is often seen as a major cause of security incidents - in fact we reported that nearly a quarter of the breaches analysed in our 2020 DBIR were due to this.”
- Increase in stolen credential hacking: Verizon’s 2020 DBIR noted that more than 80% of breaches were caused by stolen or brute-forced credentials. “This has now been exacerbated by the large number of employees working from home requiring ongoing remote access and workstation maintenance.”
- Increased use of ransomware: “we saw that several incidents reviewed within the COVID-19 dataset involved the use of ransomware. These involved the copying and posting of data (either partially or entirely) publicly online,”
- Phishing emails play on emotions: “phishing has always been a popular cybercrime tactic,” commented Verizon. “Prior to COVID-19 we flagged that credential theft and social attacks such as phishing and business email compromises were at the root of the majority of breaches (over 67&). Combine this attack success with uncertainty, fear and the need for COVID-19 information, then you will understand why phishing emails containing the words "COVID" or "CORONAVIRUS, “masks”, "test”, "quarantine" and "vaccine” were found to be widely used within this time period.”
With these threats in mind, the telecommunications company explains that by gaining insight into the evolving tactics harnessed by cybercriminals and developing comprehensive strategies during this period, organisations will be able to set a more productive course of action to create a secure business environment.