Money Remains Motivating Factor for Hackers Around the World: Verizon

Image for Representation.

Image for Representation.

Verizon Business 2020 Data Breach Investigations Report found that confirmed data breaches doubled from the prior year.

  • Reuters
  • Last Updated: May 19, 2020, 12:35 PM IST

Money trumped spying as the top motivator for data breaches last year, according to Verizon’s annual report on cybercrimes published on Tuesday. About nine out of 10 breaches were financially motivated, based on an examination of more than 32,000 incidents and nearly 4,000 confirmed break-ins in 81 countries, the report said.

Verizon Business 2020 Data Breach Investigations Report found that confirmed data breaches doubled from the prior year. As the coronavirus pandemic has forced people indoors, cyber attacks on businesses are expected to climb. The report found that 86% of breaches were for money, not for purposes of spying. Credential theft, phishing and compromising business emails caused 67% of the cyber attacks.

As more businesses moved to web-based solutions, so did hackers. According to the report, breaches on web and cloud applications rose to 43%, double the previous year. Companies like Facebook Inc and Salesforce have extended working remotely to at least the rest of the year, with more businesses expected to follow suit. Verizon Business Group CEO Tami Erwin said the “digital transformation” to the work-from-home model during the coronavirus pandemic has presented a number of security red flags.

“A lot of people ended up sending workers to work from home without really thinking through what were some of the security elements in the future,” Erwin told Reuters. “I think employees working from home are probably more vulnerable to attacks,” Erwin said businesses can protect themselves from cyber attacks by keeping employees educated on phishing and other fraudulent tactics to access sensitive information.,Remains,Motivating,Factor,for,Hackers,Around,the,World:,Verizon,Cloud,applications,hacking,coronavirus,&publish_min=2020-05-21T06:18:15.000Z&publish_max=2020-05-23T06:18:15.000Z&sort_by=date-relevance&order_by=0&limit=2

Next Story


WhatsApp Hoax Claims This Message Can Steal All Your Money — DO NOT Fall for it

A new WhatsApp message is reportedly being circulated globally, claiming that a statutory message, which otherwise appears to be a harmless SMS urging you to pay your phone bill, is designed to instantly take over your phone and steal all the money from the netbanking app on your phone. However, an investigation by cyber security watchdog Sophos states that such forwarded WhatsApp messages are part of a hoax campaign. A note on the matter, written by Sophos’ principal cyber security research scientist Paul Ducklin, was shared with News18, giving us access to the message being circulated, and why you should not fall for it.

The WhatsApp message in question reads, “Straight from the City of London Police fraud team – Extremely sophisticated scam going about this morning. Definitely Danske bank customers but possibly all banks. You get a message saying a payment hasn’t been taken eg O2,Vodafone or EE [UK mobile providers] and to click here. As soon as you touch it the money is gone. They already have all your details and it’s the most advance scam the bank has ever seen. Pass this on to everyone. Please. This is from work this morning – they are being inundated with calls – thousands flying out of peoples accounts! Spread the word! (sic)”

However, the City of London police itself has since debunked the message’s claim to authority, stating that such messages are baseless. While most users in India will likely not be alarmed, Ducklin’s assessment of the situation suggests that this may be part of a new, more sophisticated cyber crime technique that attempts to rush users into taking action against their bank accounts. Since online and mobile banking are becoming mainstream in India too, it is very important for users to stay aware that such hoaxes which claim to warn them about a potential risk in their bank accounts.

What is curious in this case is that the message that is being forwarded on WhatsApp does not come with any clickable link attached to it. The coronavirus pandemic has sparked off an unprecedented spike in cyber criminal activities, with a sharp rise in phishing attacks being documented everywhere. In such times, the appearance of such obviously targeted hoax campaigns suggest that users should remain even more prudent about their online safety, including setting rigorous passwords, avoiding browser tracking, not clicking on any unknown links, and most importantly, not forwarding messages such as these without verifying their contents.


Mitsubishi Electric Cyber Attack May Have Breached National Defence Data, Says Japan

The Japanese defence ministry said late on Monday that sensitive data on defence equipment may have been breached as a result of cyberattacks on Mitsubishi Electric Corp, a major supplier of the country’s defence and infrastructure systems. The company has told the ministry that potentially stolen data included requirements for defence equipment that the ministry specified for contract bidders in October 2018, the ministry said in a statement.

The ministry said it was still in the process of investigating the security impact of the potential leak. Mitsubishi Electric did not win the contract in the auction. Mitsubishi Electric initially denied the possibility of a breach of sensitive defence and infrastructure data when it first reported on the 200-megabyte cyberattacks by a third party on Jan. 20. But subsequent checks at the company revealed that the defence ministry’s information that required special care was included in data potentially stolen by the attacks, Mitsubishi Electric said in a separate statement on Monday.

The company has said it first discovered the cyberattacks in June last year, more than half a year before it disclosed them to the public. The move follows a worrying trend in the cyber world, where targeted attacks are being held on companies that are contracted in increasingly important national projects. The increasing frequency of the attacks have often prompted many activists, regulators and legislators to call for establishing laws, practices and governance on how such data must be dealt with.

However, it has been increasingly difficult to deal with such issues, since the nature of cyber attacks have been constantly evolving. Going forward, it remains to be seen how nations deal with the prospect of such attacks, and how new laws are framed taking such variable factors into account.

(With inputs from Reuters)