Annual report that investigated the damage situation of cyber crime Verizon publishes the 2018 edition, Ransomware rapidly increases

A Verizon Enterprise Solutions business management division of Verizon of the United States got a report on data violation damage "Verizon 2018 Data Breach Investigations Report (DBIR)We announced. In the cyber attack of 2017 it turns out that the use of "Ransomuuea" has increased greatly.

2018 Data Breach Investigations Report | Verizon Enterprise Solutions
https://www.verizonenterprise.com/verizon-insights-lab/dbir/

Highlights of the Verizon 2018 Data Breach Investigations Report
https://www.templarbit.com/blog/2018/04/11/highlights-of-the-verizon-2018-data-breach-investigations-report

Verizon 2018 Data Breach Investigations Report: Ransomware still a Top Cybersecurity Threat | 2018-04-10 | Security Magazine
https://www.securitymagazine.com/articles/88907-verizon-2018-data-breach-investigations-report-ransomware-still-a-top-cybersecurity-threat

In the 11th annual report DBIR this time we analyzed 53,000 incidents related to cyber attacks and confirmed data leaks in 2216 cases. Statistical data that tells the actual state of cyber attack is as follows.

The criminal
About the subject of cyber attacks, 73% were crimes committed by external offenders. However, it has been found that there are more than 30% of the accomplices in the interior. In addition, accidents caused by organized criminal groups accounted for 50%, and 12% of crimes committed by state and government organizations were reported.


·victim
Among the targets of cyber attacks, SMEs accounted for a majority of 58%. This is probably due to insufficient resources to devote to security measures inherent in SMEs. By category, the healthcare business is 24%, the accommodation and food business is 15%, and the public institution is 14%.


· Attack method
The most common attack method is "hacking", followed by "malware". Even among malware, "ransom request type"Ransomware"Accounting for 39% of data breach cases caused by malware, almost two times more abusive cases than the previous year, which is a serious threat to every company.


Attack Path
The web application is not good on the attack route. Specifically, "Account advise" "Code injection"Path traversalIt is a general attack method. Although these attacks have affected all industries ranging from retailing to public institutions, damage has been brought to financial and high-tech companies in particular.


As a company preparing for cyber attacks, it should be self-defense by "quick software update", "2 step certification as much as possible", "construction of daily security check system" and "separation of confidential data from the network" Measures of companiesTemplarbitI advise you.