Verizon recently published their 2016 Data Breach Investigations Report, filled with interesting data and statistics relating to cyber security. Since our world only seems to become more complex, and we continue to buy and activate more and more Internet- connected devices as the years go on, it makes sense that our vulnerability to hackers keeps increasing too.
The problem is that hackers don’t really have to spend their time innovating new, fancy ways to overcome software-vulnerability fixes, they just refine their older methods more and more over time. The sketchy-looking email from the past asking you to send money to a Nigerian prince has now evolved into a very authentic-looking email from your bank saying that you need to reset your credentials. In case you aren’t aware, this type of tactic is called “phishing,” and it involves sending an email that appears to be authentic, but in reality is a fake (yet made very convincingly to look like it’s the real thing). Hackers send phishing emails in order to get you to click on a link or open an attachment—which then steals your information or infects your device.
Still think that hackers are innovators? In their report, Verizon found that “over 90 percent of…data breaches could be categorized into one of nine incident patterns.” Since they studied over 100,000 different incidents, it’s remarkable that the tactics fall into such a small number of categories. Clearly, tried and true methods work—and they keep getting the hackers results. It’s almost regular news now that hackers are stealing money: either through phishing, ransomware, or another type of data breach.
A large part of why there are so many attacks is simply because there are more and more devices in the workplace—which means more and more opportunities for someone to gain entry into a business’s systems. If an employee has their credentials stolen in a phishing email, it’s only a short amount of time until the company’s network is being held for ransom or money is being stolen.
In fact, the Data Breach Investigations Report found that “13% of people tested click on a phishing attachment; median time to click is very short.” That’s basically saying that if you sent a phishing email to everyone at a company that it’s pretty much a sure thing you will get at least one person’s information. Though multifactor authentication and filtering with OpenDNS help, the hardest thing to protect against is employee error that allows a hacker in your front door.
There is still hope though. With phishing tactics being so popular for stealing information, the best way to combat this is with employee education.
Worried about your own company’s security? Contact us to see if you qualify for a free security risk assessment and we can show you different options on how to better protect yourself from threats like this.