Verizon 2023: an explosion of ransomware attacks and cyber threats

On Tuesday, Verizon released its 16th Annual Data Breaches Report (DBIR). This report provides organizations with valuable insights from incidents analyzed by its Threat Research and Advisory Center. The DBIR is among the most anticipated reports in the cybersecurity industry, given the analysis of a large number of real incidents. For the 2023 DBIR, Verizon analyzed more than 16,000 security incidents and approximately 5,200 breaches.

Costs and frequency of ransomware attacks on the rise

According to FBI data in the report, the median cost of ransomware-related incidents has more than doubled in the past two years to $26,000. Losses were reported in only 7% of the cases, with victims losing between $1 and $2.25 million. According to Verizon, the data shows that “the total recovery costs from a ransomware incident are increasing, even if the ransom amount is smaller. This fact may suggest that the overall size of companies affected by ransomware is decreasing. Although the The amount demanded by threat actors is less for these smaller companies, they want to get whatever cash they can get. However, the additional costs of recovering their IT infrastructure, probably already burdened with technical debt, drives up the total losses."

The human element and the relevance of ransomware attacks

Ransomware accounts for 24% of cybersecurity incidents analyzed by Verizon. The number of ransomware attacks seen in the last two years was higher than in the previous five years combined. Additionally, the human element was involved in approximately three-quarters of the breaches investigated. Many of these attacks involved social engineering, a highly effective technique in enterprise email compromise (BEC) campaigns, which more than doubled from the previous year and accounted for more than half of incidents involving social engineering.

Motivations for attacks and the role of organizational leaders

"Senior leadership poses a growing cybersecurity threat to many organizations," said Chris Novak, director of cybersecurity consulting at Verizon Business. “Not only do they hold an organization's most sensitive information, but they are often among the least protected, as many organizations make security protocol exceptions for them. As social engineering grows and increases in sophistication, organizations must enhance the protection of their senior leaders now to avoid costly system intrusions." The report also shows that stolen credentials were used in nearly half of initial access breaches to an organization's systems, followed by phishing (12%) and exploiting vulnerabilities (5%). From a motivation perspective, 95% of the attacks observed in the last year were financially motivated, with the espionage goal present in only a small percentage of attacks. The complete Verizon 2023 Data Breach Investigations report is available in PDF format.