Report Finds Over 75 Percent of IT Breaches are Motivated by Money

Report Finds Over 75 Percent of IT Breaches are Motivated by Money

A report by Verizon has found that 76 percent of breaches are financially motivated, and 68 percent of those breaches took months or longer to discover.

  • By Sydny Shepard
  • May 17, 2018

A report by Verizon has found that 76 percent of breaches are financially motivated, and 68 percent of those breaches took months or longer to discover.

The 11th edition of Verizon's 2018 Data Breach Investigations Report has found has analyzed security breaches and incidents and provided insights usually not available in any other reports so far. The study confirms the widely-held belief that using stolen or compromised credentials are the most common approach hackers use to attack and breach systems.

The report says there has been 53,000 incidents and 2,216 confirmed data breaches this year. They define a breach as an incident that results in a confirmed disclosure of data by an unauthorized actor, while incidents are a security event that compromises the integrity, confidentiality or availability of an information asset.

There are a few key takeways from the report. The first is: Organized crime organizations complete 62 percent of external actor-based breaches, and system admins are the top internal actors responsible for breaches 25.9 percent of the time.

The report highlights databases as the top asset involved in breaches (19.6 percent), followed by POS terminals (15.8 percent), POS controllers (15.8 percent) and Web apps (13.7 percent). The wide variety of assets involved in breaches underscores how important it is to implement a Zero Trust Security approach across an enterprise and each of its endpoints.

The last key takeway from the report is that phishing and pretexting represents 93 percent of social attack-based breaches. Email continues to be the most common vector for launching social attacks, with 99 percent of the actors being external to organizations. Fifty-nine percent of phishing and pretexting attacks are motivated by financial gain, with an additional 38 percent motivated by corporate espionage.

About the Author

Sydny Shepard is the Executive Editor of Campus Security & Life Safety.

Featured

  • 2025 Security LeadHER Conference Program Announced

    ASIS International and the Security Industry Association (SIA) – the leading membership associations for the security industry – have announced details for the 2025 Security LeadHER conference, a special event dedicated to advancing, connecting and empowering women in the security profession. The third annual Security LeadHER conference will be held Monday, June 9 – Tuesday, June 10, 2025, at the Detroit Marriott Renaissance Center in Detroit, Michigan. This carefully crafted program represents a comprehensive professional development opportunity for women in security this year. To view the full lineup at this year’s event, please visit securityleadher.org. Read Now

    • Industry Events

  • Report: 82 Percent of Phishing Emails Used AI

    KnowBe4, the world-renowned cybersecurity platform that comprehensively addresses human risk management, today launched its Phishing Threat Trend Report, detailing key trends, new data, and threat intelligence insights surrounding phishing threats targeting organizations at the start of 2025. Read Now

  • NRF Supports Federal Bill to Thwart Retail Crime

    The National Retail Federation recently announced its support for the Combating Organized Retail Crime Act of 2025. The act was introduced by Chairman Chuck Grassley, R-Iowa, Senator Catherine Cortez Masto, D-Nev., and Representative Dave Joyce, R-Ohio. Read Now

  • ISC West 2025 Brings Almost 29,000 Industry Professionals to Las Vegas

    ISC West 2025, organized by RX and in collaboration with the Security Industry Association, concluded at the Venetian Expo in Las Vegas last week. The nation’s leading comprehensive and converged security event attracted nearly 29,000 industry professionals and left a lasting impression on the global security community. Over five action-packed days, ISC West welcomed more than 19,000 attendees and featured 750 exhibiting brands. Read Now

    • Industry Events
    • ISC West

  • Tradeshow Work Can Be Fun

    While at ISC West last week, I ran into numerous friends and associates all of which was a pleasant experience. The first question always seemed to be, “How many does this make for you?” Read Now

    • Industry Events
    • ISC West
Most   Popular

New Products

  • Hanwha QNO-7012R

    Hanwha QNO-7012R

    The Q Series cameras are equipped with an Open Platform chipset for easy and seamless integration with third-party systems and solutions, and analog video output (CVBS) support for easy camera positioning during installation. A suite of on-board intelligent video analytics covers tampering, directional/virtual line detection, defocus detection, enter/exit, and motion detection.

  • Automatic Systems V07

    Automatic Systems V07

    Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file.

  • Unified VMS

    AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities