Verizon released its ninth annual Data Breach Investigations Report (2016DBIR) last month. The report covers the major security breaches and the methods hackers used to compromise businesses and governmental organizations. When it comes to hacking, organized crime syndicates lead the way with phishing email schemes that are culpable in 89% of security breaches, followed by “state-affiliated actors,” which accounted for another 9% of attacks.
Phishing has moved on from the “good ole” days, when clicking on the link would take you to an obviously fake bank site built to capture your login credentials. The 2016DBIR study found that 70% to 90% of malware hitting an organization is “unique” to that organization, meaning that the hackers slightly modified the malware so that its signature hash changed and it would look like a NEW virus, even though the malware impact was the same (loading ransomware, capturing login credentials, etc.). This means that today’s stealthier version is usually customized to each company and tricks more victims into downloading a legitimate-looking invoice or RFP.
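To make the hash point concrete for defenders, the following added example (not from the report or from this page's author) compares an exact SHA-256 blocklist lookup with a simple content-similarity check. The function names, the 0.8 threshold and the byte strings are assumptions constructed for the demonstration, and byte 4-gram Jaccard similarity is used here as a simple stand-in for similarity matching, not a method the report prescribes.

```python
import hashlib

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def ngrams(data: bytes, n: int = 4) -> set:
    """Set of all overlapping n-byte windows in data."""
    return {data[i:i + n] for i in range(len(data) - n + 1)}

def jaccard(a: bytes, b: bytes) -> float:
    """Share of byte 4-grams that two samples have in common (0.0 to 1.0)."""
    ga, gb = ngrams(a), ngrams(b)
    union = ga | gb
    return len(ga & gb) / len(union) if union else 1.0

def classify(sample: bytes, known: list, threshold: float = 0.8):
    """Return (exact_hash_hit, best_similarity, similarity_hit).
    threshold is an assumed cut-off for this demo, not a tuned value."""
    blocklist = {sha256_hex(k) for k in known}
    exact = sha256_hex(sample) in blocklist
    best = max((jaccard(sample, k) for k in known), default=0.0)
    return exact, best, best >= threshold

# Constructed, inert byte strings standing in for file contents.
KNOWN = b"INVOICE-MACRO-STUB " + bytes(range(256)) * 4
VARIANT = KNOWN.replace(b"STUB", b"STUC", 1)   # one byte changed
UNRELATED = b"quarterly report text " * 40

if __name__ == "__main__":
    for name, blob in [("known", KNOWN), ("variant", VARIANT),
                       ("unrelated", UNRELATED)]:
        exact, best, similar = classify(blob, [KNOWN])
        print(f"{name:9} sha256={sha256_hex(blob)[:12]} exact={exact} "
              f"similarity={best:.2f} flagged={similar}")
```

The one-byte variant misses the hash blocklist but is still flagged by similarity, which is why hash-only signatures see each customized sample as new.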