skip to Main Content
+44 (0) 1628 308038

Verizon’s DBIR: most cyber attacks launched by organised crime groups for financial gain

Organised Crime Cyber Attacks

The vast majority of cyber attacks are perpetrated by organised crime actors for financial gain, rather than nation states for espionage purposes, according to a Verizon report on data breaches that analysed more than 157,000 security incidents and more than 3,900 confirmed data breaches across 81 countries over the last 12 months.

The 2020 Data Breach Investigations Report finds that the number of breaches doubled from the previous year – and are expected to climb even higher due to increased home working and a rise in attacks during the pandemic.

Here are five takeaways from from the report:

1. Most cyber attacks are money-motivated

The results show that 86 per cent of the breaches included in the report’s analysis were motivated by financial gain. Organised criminal groups were behind 55 per cent of the breaches. Nation state or state affiliated attacks were behind roughly 10 per cent of attacks, according to the report – meaning cash still tops espionage as a motivator.

2. Personal data is in high demand

The report showed that personal data has become the greatest temptation for cyber criminals, with nearly 60 per cent of all data breaches involving personal data being snatched.

3. Passwords are vulnerable to attackers

Credential theft, phishing and business email compromise type incidents accounted for more than two-thirds of data breaches. On the other hand, Trojan type malware is on the decline: since peaking at just under 50 per cent of all breaches in 2016, it has since dropped to a mere sixth of what it was at that time (6.5 per cent).

4. Attacks were perpetrated more by outsiders than insiders

The data shows that 70 per cent of the breaches were perpetrated by external actors; the other 30 per cent was by internal actors.

5. Errors become ubiquitous

The research shows that errors are now equally as common as social breaches, and more common than malware. Only hacking ranks higher, and this is down to credential theft and use.

The good news is that organisations can invest in Security Awareness Training to help offset this gap in security. By educating remote users on current phishing and social engineering methods, employees can strengthen the organisation’s security at the new home “perimeter”.

With thanks to NS Tech. The full story is here:

Request A Demo: Security Awareness Training


New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn’t a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defence. Request your one-on-one demo of KnowBe4’s security awareness training and simulated phishing platform and see how easy it can be!

PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser:

Close search
Back To Top