PRE-COVID-19 , CYBERCRIMINALS WERE SUCCESSFULLY USING TRIED AND TESTED METHODS TO OBTAIN DATA . IT GOES WITHOUT SAYING THAT IF THESE TACTICS WORKED IN A STABLE BUSINESS ENVIRONMENT , THEY HAVE BEEN WORKING EVEN BETTER IN AN ERA OF UNPRECEDENTED DISRUPTION .
our renowned DBIR team has generated a three-month analysis – entitled Analysing the COVID-19 data breach landscape – which brings these threats under the spotlight .
Unlike our DBIR series , this study focuses on 36 confirmed data breaches which were identified as being related directly to the COVID-19 pandemic , and also reviews 474 data breach incidents from March to June 2020 based on contributor data and publicly disclosed incidents . We have combined this data with our own team ’ s observations drawn from our collective years of experience to ascertain the cybertrends that have most impacted businesses during this time .
Focusing on the tried and tested amidst the confusion
Pre-COVID-19 , cybercriminals were successfully using tried and tested methods to obtain data . It goes without saying that if these tactics worked in a stable business environment , they have been working even better in an era of unprecedented disruption .
Criminals are ultimately lazy in their approaches and , faced with a larger attack surface than usual during the pandemic , there has been no need to invent new attack strategies to achieve their goals .
Based on our observations we have seen the use of these common threat actors increase :
• Continued increase in error : Human error is often seen as a major cause of security incidents – in fact we reported that nearly a quarter of the breaches analysed in our 2020 DBIR were due to this . Faced with major disruption , increased workloads as a result of decreased workforces and of course , for many , the distraction of in-house family members and home-schooling , there is no wonder that more errors have been reported during the pandemic .
• Focus on stolen credential-related hacking : Our 2020 DBIR flagged that over 80 % of breaches were caused by stolen or brute-forced credentials . This has now been exacerbated by the large number of employees working from home requiring ongoing remote access and workstation maintenance . Business