The majority of all data breach incidents were due to pure hacking attacks, new research finds.
A report from Flashpoint found that of all data breach incidents reported in the first half of the year, six in ten (60%) were the result of “hacking” — when an individual (or group) accesses without permission. to business systems.
All in all, nearly 2,000 data breaches were reported globally in H1 2022, which is certainly not the exact number of incidents. What makes sense about this report, however, is that incidents resulting from misconfigurations have dropped nearly 50% year-over-year, from 27.3 to 1.4 billion records.
The report also discusses the danger of insider attacks. Apparently, only 23% of all incidents with confirmed origin were from insiders, and of that number, two-thirds (61%) were due to errors in handling data.
A total of 54 breaches have been confirmed as coming from an insider, some of which are relatively painless to the company (credit card theft at the point of sale), and some downright monstrous (stealing proprietary source code and the like).
Insider attacks are often described as one of the biggest threats to businesses. Sometimes they are intentional (when a disgruntled employee wants to directly harm the company), but most of the time they are simply the result of an honest mistake or negligence (for example, losing data (opens in new tab) via email by sending it to the wrong address, losing external storage devices, smartphone and laptops or the like).
This forces organizations not only to keep their exposure to the web to an absolute minimum, but also to increase their efforts to combat unauthorized access as much as possible.
Flashpoint says they can achieve that goal by improving their intelligence-gathering efforts, strengthening their systems and conducting regular audits.