Security News > 2021 > May > Verizon DBIR 2021: Ransomware, Web App and Phishing Attacks Dominate
The annual bible of security breaches landed on Thursday with confirmation of more bad news: ransomware attacks continue to explode as organizations struggle with securing web apps, cloud deployments and employees victimized by social engineering.
The data, contained in the new Verizon 2021 Data Breach Investigations Report, shows that data-encrypting ransomware attacks appear in about 10 percent of breaches, more than double the frequency from last year.
After crunching the data, the DBIR found that the ransomware spike was influenced by new tactics, where some ransomware actors are stealing the data and naming-and-shaming victims during extortion negotiations.
The report also calls out a spike in attacks against web applications, noting that web-app hacks are the main attack vector in the "Hacking actions" category, accounting for more than 80 percent of all documented data breaches.
The 2021 DBIR is based on the analysis of nearly 30,000 incidents and more than 5,200 confirmed data breaches.
More than 5,000 of the incidents and nearly 1,500 of the confirmed data breaches covered by the latest DBIR impacted organizations in the APAC region, where the most common type of attack involved financially-motivated hackers phishing employee credentials and using them to access email accounts and web application servers.
News URL
Related news
- Massive PSAUX ransomware attack targets 22,000 CyberPanel instances (source)
- Ransomware hits web hosting servers via vulnerable CyberPanel instances (source)
- North Korean Group Collaborates with Play Ransomware in Significant Cyber Attack (source)
- North Korean govt hackers linked to Play ransomware attack (source)
- Midnight Blizzard Escalates Spear-Phishing Attacks On Over 100 Organizations (source)
- City of Columbus: Data of 500,000 stolen in July ransomware attack (source)
- Windows infected with backdoored Linux VMs in new phishing attacks (source)
- Columbus, Ohio, confirms 500K people affected by Rhysida ransomware attack (source)
- Critical Veeam RCE bug now used in Frag ransomware attacks (source)
- Halliburton reports $35 million loss after ransomware attack (source)