Verizon's 2024 Data Breach Investigations Report (DBIR) analysis reveals a significant uptick in breaches initiated through vulnerability exploitation, nearly tripling from the previous year with a 180% increase. This surge, largely driven by the impact of MOVEit and comparable zero-day vulnerabilities, underscores the predominant use of these tactics by ransomware and other extortion-related threat actors.
Source: Verizon
Ransomware or other extortion techniques were implicated in approximately one-third of all breaches, with pure extortion attacks constituting 9% of total breaches—a notable increase over the past year. While traditional ransomware incidents experienced a slight decline to 23%, the combined impact of both tactics surged to 32% of breaches. More alarmingly, ransomware remained a top threat across 92% of industries.
Over the last three years, the combination of ransomware and other extortion breaches constituted nearly two-thirds of financially-motivated attacks. FBI data from the Internet Crime Complaint Center (IC3) indicates a median loss of USD 46,000 associated with these breaches, with 95% of cases falling between USD 3 and USD 1,141,467.
Source: Verizon
In this year's dataset, the human factor played a role in 68% of breaches, mirroring figures from the previous period outlined in the 2023 DBIR. Notably, Verizon expanded the definition of breaches involving third parties to encompass instances where partner infrastructure or direct/indirect software supply chain issues are impacted—such as vulnerabilities in third-party software. These are breaches that organizations could potentially mitigate by selecting vendors with stronger security track records.
In the latest report, the third-party software breaches were recorded at 15%, marking a 68% increase from the previous year, largely driven by zero-day exploits in ransomware and extortion attacks.
Verizon’s dataset also reflects a rise in breaches due to errors, now comprising 28% of incidents. With this in mind, errors are observed to be more prevalent than commonly assumed.
Additionally, a troubling trend emerges as the median time for users to succumb to phishing emails is less than 60 seconds.
Source: Verizon
With the highest number of incidents reported – 16,619 incidents, 1,877 with confirmed data disclosure – 91% of the breaches in the North American region are represented by system intrusion, social engineering, and basic web application attacks. Among the compromised are personal (50%), credentials (26%), and internal (19%) data.
