For the tenth year, US telecommunications giant Verizon has published its “Data Breach Investigations Report” (DBIR) in 2017.
The 2017 edition reveals frightening shortcomings. One out of 14 users were duped by a phishing attack, and a quarter of these even fell for the ruse more than once. Moreover, in more than half of the breaches (defined as data loss following confirmed access by unauthorized third parties) stolen or easily guessable passwords were used.
The favored method of attack remains phishing, followed by the installation of malware. In 66 percent of the cases, this infiltration took place by means of malicious attachments. Phishing is also the most common means of attack for (industrial) espionage, often secretly carried out by state-sponsored perpetrators.
The crown for most common malware function in the crimeware world has been claimed by ransomware (we have already reported on this trend several times). In total, 73 percent of all breaches recorded were financially motivated.
By the way, cyber criminals are by no means only targeting large corporations. Nearly two-thirds of the victims logged by Verizon this year were companies employing fewer than 1000 members of staff.
The Verizon report also records that there has once again been a rise in breaches which are only discovered months or even years later.
In this regard, Retarus’ unique development Patient Zero Detection® can help companies to detect malware that has already found its way into the infrastructure and limit the harm it can do. Recipients of emails which have already been delivered containing malware or phishing URLs can be identified as soon as patterns appear in Retarus E-Mail Security‘s four scanning engines or its dedicated phishing filter. Being informed early about such “Patient Zeros” provides crucial assistance in limiting potential losses.
Patient Zero Detection® alerts administrators and recipients immediately about infected inboxes, enabling a timely response. Thanks to Patient Zero Detection® the origin of an attack and the list of recipients are known through the metadata. This simplifies forensics significantly. Targeted measures can be taken and filter settings can be optimized.