Financial gain was a bigger motivator than espionage in data breaches in 2019, a report from US telecom giant Verizon revealed on Tuesday.
The Verizon Business 2020 Data Breach Investigations Report found that 9 out of 10 security breaches were motivated by profit, with confirmed data breaches doubling from 2018.
— Tami Erwin (@TamiErwinVZ) May 16, 2020
86 percent of breaches were used for extorting money rather than spying, with common breaches including credential theft, phishing and compromising business emails, accounting for 67 percent of cybercrimes, the report said.
Breaches on cloud and web applications also jumped to 43 percent, or double the number of incidences in 2018, the report said.
27 percent of malware incidences were caused by ransomware, or programmes that disable access to computers or encrypt computer data in exchange for money.
Top economic sectors affected by data breaches were Professional, Technical and Scientific Services, followed by Public Administration and Information at 7,463 incidents and 326 confirmed data disclosures, 6,843 incidents and 346 disclosures, and 5,741 incidents with 360 disclosures, respectively, the report found.
— Angelo G Longo (@aglongo) May 18, 2020
The findings come as big tech companies such as Twitter, Google and Facebook and others plan to extend remote working until the end of 2020, with more businesses adopting similar models, potentially risking further data breaches as employees take to unsecured WiFi networks.
Work-From-Home Office Model Raises New 'Security Red Flags' - Verizon CEO
Verizon Business Group chief executive, Tami Erwin, said that the digital transformation caused by working from home amid the COVID-19 pandemic has presented numerous 'security red flags'.
She told Reuters: “A lot of people ended up sending workers to work from home without really thinking through what were some of the security elements in the future. I think employees working from home are probably more vulnerable to attacks.”
The news comes after the Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) accused 'Chinese actors' of stealing data on COVID-19 research, which Beijing has strongly and routinely denied.
A European Grid Infrastructure (EGI) security report found attackers in Poland and China were allegedly stealing SSH credentials from supercomputers in Germany, Switzerland, Spain and the United Kingdom to mine cryptocurrencies.
Internet-of-Things (IoT) and smartphones could allow cybercriminals to identify users via biometric and device information, a study presented at a web conference in Taipei in late April revealed.
