Verizon Data Breach Report is one of the most prominent data breach reports to review the threat trends, threat actors and vulnerabilities organizations have to address. It also includes the industries trends. Based on the 2024 report, here are the key points regarding actors, industries, and threats:

• Actors & Industries: The report indicates that External actors, particularly Organized crime, are the most prevalent threat actors, often targeting industries like Public Administration, Healthcare, and Financial and Insurance sectors.

• Threat Tactics: These actors primarily use tactics such as Exploitation of Vulnerabilities (especially MOVEit and similar zero-day vulnerabilities) and Ransomware/Extortion attacks to initiate breaches.

• Human Element: A significant portion of breaches involves the human element, with Pretexting and Phishing being common social actions used by threat actors.

• Third-Party Risks: The report also highlights the rise in breaches involving third-party risks, including partner infrastructure and software supply chain issues, emphasizing the need for organizations to select vendors with better security track records.

These points summarize the actors’ focus, the industries they target, and the threats they employ based on the current threat landscape.

The most common industries targeted or impacted according to the report.

• Educational Services: This sector experienced a significant impact, particularly from the MOVEit incident, with more than 50% of the breached organizations belonging to this industry.

• Healthcare: There’s a notable trend of insider threats in the Healthcare sector, with Personal data being the primary target.

• Information: The Information industry saw a high number of breaches, with Ransomware and Use of stolen credentials being top action varieties.

• Manufacturing: System Intrusion remains a top threat, with Ransomware and Use of stolen credentials being common attack methods.

• Retail: Shifts in focus from Payment card data to Credentials have been observed, with Pretexting on the rise. Denial of Service attacks also pose significant disruption risks.

These industries are highlighted due to their prominence in the report’s findings and the specific challenges they face in terms of cybersecurity threats.

The report highlights regional differences in threat trends.

APAC:

• System Intrusion, Social Engineering, and Basic Web Application Attacks are prevalent.

• External actors dominate (98% of breaches), with financial motives in 75% of cases.

• Credentials are the most compromised data type (69%).

EMEA:

• Miscellaneous Errors, System Intrusion, and Social Engineering are common patterns.

• Nearly equal distribution of external (51%) and internal (49%) threat actors.

• Personal data is frequently compromised (64%).

NA (Northern America):

• System Intrusion, Social Engineering, and Basic Web Application Attacks top the list.

• External actors are responsible for most breaches (93%), with a 97% financial motive.

• Personal data and credentials are often targeted.

These trends indicate that while some threats are common across regions, there are notable differences in the types of attacks and the data compromised. For instance, APAC sees a higher compromise of credentials, while EMEA experiences a significant number of internal threats. NA, on the other hand, has a high occurrence of financially motivated external threats.

Some key strategies organizations can implement to mitigate the risk of exploitation through vulnerabilities:

• Patch Management: Regularly update and patch systems to address known vulnerabilities, especially those listed in the CISA’s Known Exploited Vulnerabilities Catalog.

• Secure by Design: Encourage software vendors to prioritize security in their product development to reduce the number of vulnerabilities.

• Vendor Accountability: Hold software vendors responsible for the security outcomes of their products and choose vendors with better security track records.

• Minimize Attack Surface: Limit the attack surface by keeping as many web applications as possible behind VPNs and ensuring that desktop sharing software is not directly connected to the internet.

Checkout the latest report 2024 Data Breach Investigations Report

Stay informed by subscribing to our premium blogs or schedule a consultation to address your business requirements. Subscribe or Schedule consultation