Individual Attacks Down As Cyberattacks Focus On Holding Businesses Hostage
By a Biometrica staffer
January 29th 2021
There’s been an interesting mix of information on 2020, coming from different sources focused on data breaches and other cyberattacks. The Identity Theft Resource Center (ITRC), which has tracked publicly reported data breaches in the United States for more than 15 years, building a database that now includes details on 12,250+ data compromises, just released its 2020 edition, reporting that the number of data breaches saw a significant drop.
According to the ITRC, 2020 reported one major trend: A move away from mass attacks that targeted consumer and individual information, with cyber attackers focusing their attention instead on attacking businesses, effectively holding them hostage using stolen logins and passwords. Why? Less work for a larger payoff. As a result, there was a drop in the total number of data breaches, along with a drop in the number of people directly impacted by those breaches. The report stated, “cybercriminals are less interested in stealing large amounts of consumers’ personal information. Instead, threat actors are more interested in taking advantage of bad consumer behaviors to attack businesses using stolen credentials like logins and passwords. Due to the shift in tactics, ransomware and phishing attacks directed at organizations are now the preferred data theft method by cyberthieves.”
The ITRC report said that 2020 saw a total of 1,108 data breaches in the US, down 19% compared to 2019. In a year where an estimated 51% of American workers worked remotely, with 33% continuing to do so even now, and online purchases increasing by 33%, the number of individuals impacted by publicly reported data breaches fell to 300,562,519 —down 66 % over 2019.
A similar report by another cybersecurity firm, Risk Based Security, based on the first three quarters of 2020 and released last month, stated there were 2,953 publicly reported breaches Q1-Q3 globally. They too reported a decrease, 51%, in overall breaches compared to the same time period last year. Some of the other significant points in their report included these:
— Even by the end of Q2 (June 30, 2020), the year was already the “worst year on record” in terms of the total number of records exposed. By the end of September, they said an unprecedented 36 billion records had been exposed.
— Two breaches in Q3 exposed over 1 billion records each and four breaches exposed over 100 million records. Together, they stated, these six breaches accounted for approximately 8 billion exposed records, or 22.3% of the records exposed through the end of Q3.
Risk Based Security reported that between January to September 2020, their research team cataloged over 440 breaches that included a ransomware component to the attack in some way, about 21% of all breaches. They said this included what were both obvious “data breaches”, “where information was clearly taken, as well as those events that indicate attackers were inside systems or services and could have accessed sensitive data.” These ransomware-related events contributed to the unusually high number of unknown (11.2%) and miscellaneous (10.4%) data types exposed.
The Associated Press, quoting cybersecurity firm Coverware, which specializes in ransomware incident response and extortion negotiations on behalf of victimized companies, stated that the average ransomware payout has grown from less than $10,000 per event in 2018 to more than $233,000 per event in 2020.
Talking to Security magazine, Chris Hallenbeck, Chief Information Security Officer (CISO) for the Americas at California-based endpoint security and systems management company
Tanium, said that while the compromise of Twitter accounts held by several celebrities probably garnered the most headlines and was more click-bait than anything else, it offered “a valuable lesson for organizations of all sizes – employee education matters. Three teenagers managed to gain access to the accounts of public figures by simply convincing employees at the social media company that they were colleagues who needed access to the customer service portal. While this sounds simple, social engineering is more common — and more successful —than most people realize.”