According to a 2021 report from IBM and the Ponemon Institute, the average cost of a data breach among companies surveyed reached $4.24 million per incident in 2021, the highest in 17 years. The shift to hybrid or remote work was certainly a contributing factor, but what was the top contributor to these numbers? The answer: compromised credentials that led to compromised data.
While stolen user credentials were the most common initial attack vector in the study, customer personal data such as names, email addresses, and passwords was the most common type of information exposed: 44% of the breaches studied included this kind of data. The Identity Theft Resource Center (ITRC) issued a press release with additional, startling figures on data breach trends through the third quarter of 2021:
- The number of data breaches publicly reported in the U.S. decreased 9% in Q3 2021 (446 breaches) compared to Q2 2021 (491 breaches). However, the number of breaches reported through September 30, 2021 had already exceeded the total for full-year 2020 by 17% (1,291 breaches in 2021 compared to 1,108 in 2020).
- The number of data compromise victims in Q3 2021 (160 million) was higher than Q1 and Q2 2021 combined (121 million). The ITRC attributes this jump primarily to exposures from a series of unsecured cloud databases rather than to breaches by attackers.
- The total number of cyber-attack-related data compromises year-to-date (YTD) was up 27% compared to FY 2020. Phishing and ransomware continue to be the primary attack vectors.
So what about ransomware attacks? Historically, data in a ransomware attack was not actually stolen; it was encrypted in place so that the victim had to pay a ransom to regain access. Not every ransomware attack is therefore a data breach, but the Coveware Quarterly Ransomware Report has documented a trend in which nearly half of ransomware attacks now exfiltrate data before encrypting systems, turning an availability incident into a data breach as well. So how can you protect yourself, your organization, and your clients as 2021 comes to an end?
In a joint 2021 advisory, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) reported that ransomware attacks increase during holidays and weekends, when offices are closed or operating at limited capacity and an intrusion is less likely to be noticed quickly. For 2020, the FBI and CISA reported a 20% increase in the number of ransomware incidents and a 225% increase in ransom demands. As Thanksgiving and the holiday season approach, here are several tips for protecting your organization:
- Make an offline backup of your data
- Do not click on suspicious links
- If you use Remote Desktop Protocol (RDP) or other remotely exposed services, restrict where they can be reached from and monitor their logon activity
- Update your OS and software
- Scan for vulnerabilities
- Use strong passwords
- Use multi-factor authentication
- Secure your networks
- Secure your user accounts
- Have an incident response plan
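The RDP tip above is the one that most often goes unmonitored, so here is an added example (not code from the original post or from the FBI/CISA advisory) of what "secure and monitor" can look like in practice. It takes a constructed sample of Windows Security log records (event 4625 = failed logon, 4624 = successful logon, logon type 10 = RemoteInteractive, i.e. RDP), flags a burst of failed RDP logons from one source address, flags a successful RDP logon that follows such a burst, and flags any RDP logon from outside an assumed allowlist of internal/VPN ranges. The threshold, window and allowed networks are assumptions for illustration, not values from the page.

```python
import ipaddress
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample of Windows Security log records (not real logs). Event 4625 is a
# failed logon, 4624 a successful one; LogonType 10 (RemoteInteractive) is RDP.
SAMPLE_EVENTS = [
    {"time": "2021-11-25T02:00:01", "id": 4625, "logon_type": 10, "user": "administrator", "src": "203.0.113.7"},
    {"time": "2021-11-25T02:00:05", "id": 4625, "logon_type": 10, "user": "administrator", "src": "203.0.113.7"},
    {"time": "2021-11-25T02:00:09", "id": 4625, "logon_type": 10, "user": "admin", "src": "203.0.113.7"},
    {"time": "2021-11-25T02:00:14", "id": 4625, "logon_type": 10, "user": "admin", "src": "203.0.113.7"},
    {"time": "2021-11-25T02:00:20", "id": 4625, "logon_type": 10, "user": "backup", "src": "203.0.113.7"},
    {"time": "2021-11-25T02:00:27", "id": 4625, "logon_type": 10, "user": "backup", "src": "203.0.113.7"},
    {"time": "2021-11-25T02:00:40", "id": 4624, "logon_type": 10, "user": "backup", "src": "203.0.113.7"},
    {"time": "2021-11-25T02:30:00", "id": 4625, "logon_type": 10, "user": "jdoe", "src": "10.0.0.5"},
    {"time": "2021-11-25T02:30:10", "id": 4625, "logon_type": 10, "user": "jdoe", "src": "10.0.0.5"},
    {"time": "2021-11-25T02:30:20", "id": 4624, "logon_type": 10, "user": "jdoe", "src": "10.0.0.5"},
    {"time": "2021-11-25T03:00:00", "id": 4624, "logon_type": 2, "user": "jdoe", "src": "-"},
    {"time": "2021-11-25T03:10:00", "id": 4625, "logon_type": 10, "user": "guest", "src": "198.51.100.9"},
    {"time": "2021-11-25T03:22:00", "id": 4625, "logon_type": 10, "user": "guest", "src": "198.51.100.9"},
]

# Assumed policy (hypothetical): RDP should only be reachable from these internal/VPN ranges.
ALLOWED_RDP_SOURCES = [ipaddress.ip_network("10.0.0.0/8"), ipaddress.ip_network("192.168.0.0/16")]


def source_is_allowed(src, allowed=ALLOWED_RDP_SOURCES):
    """True if src is a valid IP address inside one of the allowed networks."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:          # e.g. "-" for local console logons
        return False
    return any(addr in net for net in allowed)


def detect_rdp_anomalies(events, threshold=5, window=timedelta(minutes=5), allowed=ALLOWED_RDP_SOURCES):
    """Scan logon events in time order and return a list of alert dicts.

    - rdp_bruteforce:            `threshold` failed RDP logons from one source within `window`
    - rdp_success_after_failures: a successful RDP logon while that burst is still in the window
    - rdp_from_unexpected_source: a successful RDP logon from outside the allowed networks
    """
    failures = defaultdict(deque)   # src -> timestamps of recent failed RDP logons
    alerts = []
    for e in sorted(events, key=lambda ev: ev["time"]):   # ISO timestamps sort as strings
        if e["logon_type"] != 10:   # only RemoteInteractive (RDP) logons are of interest here
            continue
        t = datetime.fromisoformat(e["time"])
        recent = failures[e["src"]]
        while recent and t - recent[0] > window:   # slide the window forward
            recent.popleft()
        if e["id"] == 4625:
            recent.append(t)
            if len(recent) == threshold:   # fire once when the burst crosses the threshold
                alerts.append({"type": "rdp_bruteforce", "src": e["src"],
                               "failures": threshold, "time": e["time"]})
        elif e["id"] == 4624:
            if len(recent) >= threshold:   # password guessing that apparently succeeded
                alerts.append({"type": "rdp_success_after_failures", "src": e["src"],
                               "user": e["user"], "time": e["time"]})
            if not source_is_allowed(e["src"], allowed):   # RDP exposed beyond the allowlist
                alerts.append({"type": "rdp_from_unexpected_source", "src": e["src"],
                               "user": e["user"], "time": e["time"]})
    return alerts


if __name__ == "__main__":
    for alert in detect_rdp_anomalies(SAMPLE_EVENTS):
        print(alert)
```

On the sample, the internal user who mistypes a password twice produces nothing, while the external address that guesses six times and then gets in produces three alerts: the burst itself, the success that follows it, and the fact that RDP was reachable from an address outside the allowlist at all. The last one is the "secure" half of the tip: if RDP is only exposed through a VPN or jump host, that alert should never fire, and when it does the exposure itself is the finding.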
Paying a ransom does not guarantee that files or data will be recovered, nor does it ensure protection from future attacks. Should your organization fall victim to a data breach or ransomware attack, here are some recommendations for recovery:
- Notify your bank before paying a ransom (do this first)
- Notify your IT vendor before paying a ransom
- Report the incident to CISA, a local FBI field office, and file a report with IC3
- Follow the Ransomware Response Checklist on page 11 of the CISA-MS-ISAC Joint Ransomware Guide
- Scan your backups with an antivirus program to confirm they are free of malware before restoring from them