The 15th edition of Verizon’s annual Data Breach Investigations Report (DBIR) was released Tuesday with an air of nostalgia woven into its characteristically powerful look at the past year in cyberattacks — a 12-month stretch the authors dubbed ” overwhelming” and “extraordinary”.
“From highly publicized attacks on critical infrastructure to massive supply chain breaches, the financially motivated criminals and nefarious nation-state actors have rarely, if ever, swung as they have over the past 12 months,” the report said .
The authors do not name large cases such as Colonial Pipeline, Kaseya or JBS at this point in the report. The document also does not include data directly influenced by Russia’s invasion of Ukraine.
For the DBIR, the total numbers are decisive.
And the 2022 report reconfirms what cyber professionals already know intuitively over the last few years: there is a dominant motivation for attackers (financial gain) and a less common motivation that is still on everyone’s lips (espionage). Everything else is history for now.
“Bottom line: most data thieves are professional criminals who are deliberately trying to steal information that they can monetize,” the report said. About 93 percent of all breaches were financially motivated, according to the DBIR, and about 6 percent were clearly for espionage purposes. One motivation that had its heyday in the early 2010s — hacktivism — “is largely an afterthought,” says the report.
The “R” word is, of course, unavoidable. “This year, ransomware has continued its upward trajectory with a nearly 13% increase — a surge that’s as large as the past five years combined,” the report said. “It’s important to remember that while ransomware is ubiquitous and potentially devastating, at its core it is simply a model for monetizing an organization’s access.”
The DBIR notes that in the early days the report only analyzed data generated by Verizon, but now the project has 87 partners (including The Record’s parent company, Recorded Future).
One thing has definitely not changed since 2008, according to DBIR: online servers — as opposed to networks and individual devices — are still the top target for cybercriminals, accounting for 83 percent of the total.
“It seems like servers in data breaches, like JNCO jeans and spiked hair in haute couture, are timeless,” says DBIR.