6 Fun Facts from Verizon’s 2017 Data Breach Report (No really. They are fun)

Every year, Verizon compiles a report summarising the cyber crime activity of the previous 12 months, complete with trends and interesting stats. The original includes 70 or so pages which you may not have the time to wade through, so here are the edited highlights…

81% of hacking-related breaches leveraged either stolen and/or weak passwords

Our passwords and their safe protection remain our #1 vulnerability. You know where to go to fix that problem!

73% of breaches were financially motivated

They just want our money.

66% of malware was installed via malicious email attachments

If you want to let hackers into your home or fancy having your computer held to ransom by criminals then opening that curious email attachment from that stranger is singularly the best way to make that happen.

7% succumbed to a phishing attack

1 in 14 people got suckered into opening a virus-infected attachment or clicking on a dangerous link in an email. Or put another way, in the average 100-person company, we might expect 7 members of staff to open a dodgy email and then proceed to open the dodgy attachment that came with it. Seven. Each year.

25% of those that got stung in a phishing attack went on to get stung again (for pity’s sake)

We're still not doing a great job of learning how to spot and avoid dodgy and damaging emails.

95% of phishing attacks resulted in the installation of malware

If you open that attachment, bad things are very definitely going to happen.

If you do get stung by ransomware, you might find https://www.nomoreransom.org/ helpful. They have multiple free decryption tools which you use to (hopefully) put your ransomware-d system back to where it was in the good old days.

Thanks to the good folk at Verizon for publishing their Data Breach Investigations Report, the source of all of the stats reproduced above. You can get your copy at http://www.verizonenterprise.com/verizon-insights-lab/dbir/2017/. It comes highly recommended. I defy you to find another security whitepaper that mentions Leicester City F.C.

Simon Gibbard