C-level executives – who have access to a company’s most sensitive information, are now the major focus for social engineering attacks, alerts the Verizon 2019 Data Breach Investigations Report. Senior executives are 12x more likely to be the target of social incidents, and 9x more likely to be the target of social breaches than in previous years – and financial motivation remains the key driver. Financially-motivated social engineering attacks (12 percent of all data breaches analyzed) are a key topic in this year’s report, highlighting the critical need to ensure ALL levels of employees are made aware of the potential impact of cybercrime.
“Enterprises are increasingly using edge-based applications to deliver credible insights and experience. Supply chain data, video, and other critical – often personal – data WILL be assembled and analyzed at eye-blink speed, changing how applications utilize secure network capabilities” comments George Fischer, president of Verizon Global Enterprise. “Security must remain front and center when implementing these new applications and architectures. “Technical IT hygiene and network security are table stakes when it comes to reducing risk. It all begins with understanding your risk posture and the threat landscape, so you can develop and action a solid plan to protect your business against the reality of cybercrime. Knowledge is power, and Verizon’s DBIR offers organizations large and small a comprehensive overview of the cyber threat landscape today so they can quickly develop effective defense strategies.”
A successful pretexting attack on senior executives can reap large dividends as a result of their – often unchallenged – approval authority, and privileged access into critical systems. Typically time-starved and under pressure to deliver, senior executives quickly review and click on emails prior to moving on to the next (or have assistants managing email on their behalf), making suspicious emails more likely to get through. The increasing success of social attacks such as business email compromises (BECS -which represent 370 incidents or 248 confirmed breaches of those analyzed), can be linked to the unhealthy combination of a stressful business environment combined with a lack of focused education on the risks of cybercrime.
This year’s findings also highlight how the growing trend to share and store information within cost-effective cloud based solutions is exposing companies to additional security risks. Analysis found that there was a substantial shift towards compromise of cloud-based email accounts via the use of stolen credentials. In addition, publishing errors in the cloud are increasing year-over-year. Misconfiguration (“Miscellaneous Errors”) led to a number of massive, cloud-based file storage breaches, exposing at least 60 million records analyzed in the DBIR dataset. This accounts for 21 percent of breaches caused by errors.
Bryan Sartin, executive director of security professional services at Verizon comments, “As businesses embrace new digital ways of working, many are unaware of the new security risks to which they may be exposed. They really need access to cyber detection tools to gain access to a daily view of their security posture, supported with statistics on the latest cyber threats. Security needs to be seen as a flexible and smart strategic asset that constantly delivers to the businesses and impacts the bottom line.”
Major findings in summary
The DBIR continues to deliver comprehensive data-driven analysis of the cyber threat landscape. Major findings of the 2019 report include:
- New analysis from FBI Internet Crime Complaint Center (IC3): Provides insightful analysis of the impact of Business Email Compromises (BECs) and Computer Data Breaches (CDBs). The findings highlight how BECs can be remedied. When the IC3 Recovery Asset Team acts upon BECs, and works with the destination bank, half of all US-based business email compromises had 99 percent of the money recovered or frozen; and only 9 percent had nothing recovered.
- Attacks on Human Resource personnel have decreased from last year: Findings saw 6x fewer Human Resource personnel being impacted this year compared to last, correlating with W-2 tax form scams almost disappearing from the DBIR dataset.
- Chip and Pin payment technology has started delivering security dividends: The number of physical terminal compromises in payment card related breaches is decreasing compared to web application compromises.
- Ransomware attacks are still going strong: They account for nearly 24 percent of incidents where malware was used. Ransomware has become so commonplace that it is less frequently mentioned in the specialized media unless there is a high profile target.
- Media-hyped crypto-mining attacks were hardly existent: These types of attacks were not listed in the top 10 malware varieties, and only accounted for roughly 2 percent of incidents.
- Outsider threats remain dominant: External threat actors are still the primary force behind attacks (69 percent of breaches) with insiders accounting for 34 percent.
Putting business sectors under the microscope
Once again, this year’s report highlights the biggest threats faced by individual industries, and also offers guidance on what companies can do to mitigate against these risks.
“Every year we analyze data and alert companies as to the latest cybercriminal trends in order for them to refocus their security strategies and proactively protect their businesses from cyber threats. However, even though we see specific targets and attack locations change, ultimately the tactics used by the criminals remain the same. There is an urgent need for businesses – large and small – to put the security of their business and protection of customer data first. Often even basic security practices and common sense deter cybercrime,” comments Sartin.
Industry findings of note include:
- Educational Services: There was a noticeable shift towards financially motivated crime (80 percent). 35 percent of all breaches were due to human error and approximately a quarter of breaches arose from web application attacks, most of which were attributable to the use of stolen credentials used to access cloud-based email.
- Healthcare: This business sector continues to be the only industry to show a greater number of insider compared to external attacks (60 versus 42 percent respectively). Unsurprisingly, medical data is 18x more likely to be compromised in this industry, and when an internal actor is involved, is it 14x more likely to be a medical professional such as a doctor or nurse.
- Manufacturing: For the second year in a row, financially motivated attacks outnumber cyber-espionage as the main reason for breaches in manufacturing, and this year by a more significant percentage (68 percent).
- Public Sector: Cyber-espionage rose this year – however, nearly 47 percent of breaches were only discovered years after the initial attack.
- Retail: Since 2015, Point of Sale (PoS) breaches have decreased by a factor of 10, while Web Application breaches are now 13x more likely.
More data from highest number of contributors ever means deeper insights
“We are privileged to include data from more contributors this year than ever before and had the pleasure of welcoming the FBI into our fold for the very first time,” adds Sartin. “We are able to provide the valuable insights from our DBIR research as a result of the participation of our renowned contributors. We would like to thank them all for their continued support and welcome other organizations from around the world to join us in our forthcoming editions.”
This is the 12th edition of the DBIR and boosts the highest number of global contributors so far – 73 contributors since its launch in 2008. It contains analysis of 41,686 security incidents, which includes 2,013 confirmed breaches. With this increase of contributors Verizon saw a substantial increase of data to be analyzed, totaling approximately 1.5 billion data points of non-incident data.
This year’s report also debuts new metrics and reasoning which helps identify which services are seen as the most lucrative for attackers to both scan for and attack at scale. This analysis is based on honeypot and internet scan data.
The complete Verizon 2019 Data Breach Investigations Report as well as Executive summary is available on the DBIR resource page. Any organization wishing to become a DBIR contributor should contact email@example.com for further information.
Dinesh Nair Appointed as Director for Consumer Business Lenovo India
Global technology leader Lenovo has appointed Dinesh Nair as Director, Consumer Business for India region. Dinesh succeeds Mr. Shailendra Katyal, who has recently been appointed Site Leader for Lenovo India and Managing Director of Lenovo’s PC and smart device business in India.
Dinesh Nair has been an integral part of the Lenovo India consumer business for more than 11 years and has worked successfully across several roles. His most recent role was as the sales & channel management lead for Lenovo’s consumer segment in India. He has handled leadership responsibilities across offline general trade retail, distribution management, field sales, eCommerce, large format retail and category management, and has been a key contributor to the company’s growth journey in India.
“During this difficult time in India, we are working hard to ensure the safety of our employees, partners and customers and I am grateful that we have excellent leaders in place to bring our team together and offer this support. I am proud to hand over the reins of the consumer business to Dinesh. At the same time, this is a demonstration of our commitment to developing talent internally. I am sure he, along with the consumer leadership team, will propel the business to new heights,” said Shailendra Katyal, Managing Director, Lenovo India.
ASUS ROG Announces ROG Masters Asia Pacific eSports Tournament
ASUS ROG will host its first ROG Masters Asia Pacific eSports tournament from March to April 2021. Due to COVID-19 pandemic affecting travel around the region, the tournament will be conducted entirely online, with quarterfinal to final matches livestreamed.
The ROG Masters tournament will feature Counter-Strike: Global Offensive (CS:GO) as the official game title will provide opportunity to teams with enthusiastic players to pitch their skills against each other, as well as the best professional teams from their market and in the region.
The tournament will see various teams from 15 markets across the region vying for the chance to be crowned as the first ROG Masters Asia Pacific Edition CS:GO Champion.
The tournament will be played in three stages played over the course of 2 months:
- Country qualifiers
- Country finals
- Asia Pacific finals
Country qualifiers matches for India will start in the second week of April 2021; 8th April and the finals to be held on the 10th April. The India finals to find the top three teams to represent the country will be livestreamed live on 10th April.
Professional teams from across the region will be automatically placed into seeded positions in the country finals. This gives a greater chance for non-professional, enthusiast teams from India to get through the qualifiers and meet the pro teams in the country finals.
Country Champions will then go on to experience battling winning teams from other APAC markets in the finals that will be livestreamed during 22nd to 25th April 2021.
3 qualifying teams from India finals will stand to win US$800 for first place, US$400 for second place, US$200 for third place. They will then go on to the Asia Pacific finals with the chance to win the following prizes for the championship:
|ROG Masters APAC Championship||APAC Finals (USD/ team)|
Registration and Official Tournament Website
Registration for the first ROG Masters Asia Pacific tournament opens on February 8, 2021 at the tournament’s official website.
Registration closes on February 28, 2021 Further details, match schedules, pro team information as well as rules and regulations can also be found on the tournament website.
Garena Launches Free Fire South Asia Showdown: Battle of the Stars
Garena has announced the Free Fire South Asia Showdown: Battle of the Stars, Free Fire’s first-ever esports tournament for the South Asia region. Taking place on 6 February, the tournament will feature some of the gaming community’s favourite Free Fire streamers and personalities from India, Pakistan, Nepal, and Bangladesh.
The Free Fire community has continued to expand in South Asia and across the world, with the mobile battle royale game the most downloaded mobile game globally in 2020, according to App Annie. Through the Free Fire South Asia Showdown: Battle of the Stars, Garena will look to continue its efforts to excite and delight its fast-growing South Asian community with exciting Free Fire content, and to support and develop the incredible online community in the region.
The Free Fire South Asia Showdown: Battle of the Stars will feature a total of 12 teams. Each team will be led by one of the top 3 streamers from each of the 4 participating nations – chosen by public voting – in this epic clash to determine the best in the region.
The 12 teams will compete in the Battle Royale Squad mode for a slice of the 1 million diamond prize pool. The ultimate winner of this star-studded tournament will receive 500,000 in-game diamonds; the first and and second runners-up will be awarded 300,000 and 200,000 diamonds respectively.
The Free Fire South Asia Showdown: Battle of the Stars will feature some of the most popular streamers and personalities from across South Asia.
The team captains for each nation are:
- Total Gaming (19.4 Million YT Subs)
- Desi Gamers (7.8 Million YT Subs)
- Two-Side Gamers (6.85 Million YT Subs)
- Gaming with Nayeem (1.6 Million YT Subs)
- Illusionist YT (479K YT Subs)
- Gaming With Zihad (698K YT Subs)
- Sooneeta (3.26 Million YT Subs)
- Bshow Mgr (399K YT Subs)
- Tonde Gamer (2.37 Million YT Subs)
- RKG ARMY (1.77 Million YT Subs)
- Unusual Gamer (81K YT Subs)
- The Skinzo FF (75.5K YT Subs)
Fans can witness all the high-octane action by tuning in to the live broadcasts of the Free Fire South Asia Showdown: Battle of the Stars. These will be hosted on Free Fire Esports India YouTube and Facebook, Free Fire Bangladesh Official YouTube and Facebook, as well as on BOOYAH!.
To cater to the diverse South Asian community, the matches will be streamed with live commentary in 5 languages – Bengali, English, Hindi, Nepali and Urdu.
Gadgets4 days ago
RAEGR Launches ‘Vocalz 250’ Condenser Mic Kit
Trending4 days ago
Redmi India Sold 2 Million Note 10 Series Smartphone Worth Rs. 3000+ Crores
Gadgets4 days ago
Relive The Old Memories This Fathers’ Day with Saregama Carvaan
Trending3 days ago
Avail Big Discounts on Infinix Smartphones During from Flipkart’s Big Saving Days Sale
Smartphone4 days ago
TECNO SPARK 7T with 48MP AI Dual Rear Camera Launched in India
Gaming4 days ago
Garena Announced Schedule for City Finals of Free Fire City Open
Trending3 days ago
Realme Brings Amazing Offers on Its Smartphones on Flipkart
Gadgets4 days ago
pTron Launches New Smart Wearables, Starting at Rs. 899/-