Publications

The Verizon 2022 DBIR

The Verizon 2022 Data Breach Investigations Report is out. We are proud to collaborate as a supporting contributor to this year’s data efforts once again and to have contributed for the past 8 years. The report provides interesting analysis of a full amount of global incident data.

Several things stand out in the 2022 report:

  • Ransomware challenges continue to mount — “Ransomware’s heyday continues, and is present in almost 70% of malware breaches this year.”
  • Social engineering became an overwhelming problem this past year, highlighting the surge in repeated cybercrime tactics — 1. “The human element continues to be a key driver of 82% of breaches and this pattern captures a large percentage of those breaches.” 2. “Actor Motives: Financial (89%), Espionage (11%).”
  • APT activity continues to be high, was underreported in the past, and while it possibly continues to be underreported, its reporting is increasing: “Financial has been the top motive since we began to track it in 2015. However, that same year the rise of hacktivism (particularly leaks) accounted for many attacks. Espionage-related attacks were not even on the radar, but seven years later the world is a very different place. Espionage has taken the 2nd place spot for years, and hacktivism is, for the most part, simply an afterthought. Before we move on, however, it should be noted that while espionage has almost certainly increased over the last few years, the fact that it did not appear at all in 2015 was quite likely due to our contributors and general case load at the time.”
  • System intrusions were heavily weighted at the top by two vectors: “‘Partner’ and ‘Software update’ as the leading vectors for incidents. This is primarily attributed to one very large and very public security incident that happened last year. We’ll give you a hint, it rhymes with ‘PolarShins’.” These data points fall under the supply chain discussion for us, and we continue to see that trend into this year — the “supply chain” is actively targeted and abused as a deployment tactic around the world, and we expect it to continue.

Business leaders should be sure to check out Appendix C — Behavior. It maintains an interesting approach on quantifying success in training programs, “In 2021 we reported that the human element impacted 85% of breaches, which decreased slightly to 82% this year. Unfortunately, strong asset management and a stellar vulnerability scanner aren’t going to solve this one.”

Perhaps next year we will read more about IoT and industrial issues, we’ll see. In the meantime, enjoy this year’s publication!

The Verizon 2022 DBIR

Your email address will not be published. Required fields are marked *

 

  1. Ahmed

    Wow

  2. Ray

    NA

    1. Securelist

      Hi Ray!

      Do you mean the link to Verizon is not available?

Reports

Meet the GoldenJackal APT group. Don’t expect any howls

GoldenJackal is an APT group, active since 2019, that usually targets government and diplomatic entities in the Middle East and South Asia. The main feature of this group is a specific toolset of .NET malware, JackalControl, JackalWorm, JackalSteal, JackalPerInfo and JackalScreenWatcher.

APT trends report Q1 2023

For more than five years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. These summaries are based on our threat intelligence research; and they provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports.

Subscribe to our weekly e-mails

The hottest research right in your inbox