Crypsis Releases 2020 Incident Response and Data Breach Report
June 2020 by Crypsis
The Crypsis Group announced the release of their 2020 Incident Response and Data Breach report. The report was derived from over 1,000 engagements conducted by The Crypsis Group experts and was developed to provide deep insights into real-world cybersecurity risks while offering detailed security "Pro Tips" in each risk area to help organizations defend against a wide range of threats.
The report reveals that threat actors across a range of cyberattack types have significantly escalated tactical approaches, becoming more targeted, conducting victim research and leveraging techniques that enable them to be more successful and extract higher-dollar payouts for their efforts. Ransomware attacks and Business Email Compromises (BEC) were the two most pervasive and impactful cyber threats in 2019 in terms of business disruption and monetary loss. According to the report, ransomware monetary demand amounts are trending up; threat actors have evolved, are employing more sophisticated tactics, and are adding data exfiltration and extortion to the mix.
"Since 2018, threat actors have evolved from deploying mass-distributed phishing campaigns with lower ransom demands to highly targeted, well-researched attacks on larger enterprises with deeper pockets," said Crypsis Group CEO, Bret Padres. "We believe these new methods represent a tactical shift in response to stronger enterprise security defenses and an associated reduction in organizations’ willingness to pay."
The Crypsis Group also found that BEC threat actors are also conducting lengthy research on victims to ensure a higher degree of success. Additionally, Insider Threats were the dark horse cyber risk of 2019. While nation state and e-crime threat groups garner the headlines, insidious insiders were found to be silently grabbing organizations’ sensitive data. Crypsis Insider Threat investigations rose approximately 70% year over year. In terms of motive, 57% of attacks were waged by employees looking to advance their careers and who were departing the victim organization, whether or not the organization was aware of the employee’s impending departure.
The report also details that Healthcare and Financial Services organizations are the top targeted industries to be affected by a security incident. Compared to other industry sectors, these verticals store, transmit, and process high volumes of monetizable sensitive information that disproportionately attract threat actors. The report notes that 16% of all incident response matters that Crypsis handled were within the Healthcare industry, with Financial Services coming in a close second at 14%.