Reports from cybersecurity companies in 2023 show mixed trends regarding the number of global data breaches, ransomware attacks, records affected and government costs. But one thing is clear: Cyber attack impacts steadily grow.
September 03, 2023
Was that major cyber incident a ransomware attack, a data breach or both? How many records were impacted? Did personally identifiable information (PII) get compromised? How long were they down? Were backups usable? Did the business survive? When was the business able to fully restore their operations? What did the incident cost?
I often get asked these questions (and more), and the answers can take months or years to be released after an event. In some instances, the specific details remain hidden from public view — concealed inside the databases of cyber insurance companies or classified files guarded by three-letter government agencies.
And yet, as the cyber attack headlines just keep pouring in from universities, banks, governments, hospitals, public utilities and more, the impacts to society keep rising, even as many have become almost numb to the overall effect.
Here are just a few of the recent incident headlines I am talking about:
DATA AND TRENDS, PLEASE
No doubt, this is just a very small sampling of the number of cyber attacks that hit the mainstream and technology media every week. Critics oftentimes argue, “Show me the data. What are the trends? Are things getting better or worse?”
To which I generally reply, “It depends.” (I know. A good lawyer’s answer.)
Allow me to first provide you with a plethora of recent information, data and trend reports before providing my take on what’s going on right now regarding global cyber attacks. After each of these headlines, I offer a brief excerpt to help.
Security Week: Cybersecurity Companies Report Surge in Ransomware Attacks
“The 2023 IBM Security Cost of a Data Breach Report shows the average data breach cost has increased to $4.45 million ($165 per record), with data breaches in the United States being the costliest at an average of $9.48 million, up 0.4 percent from last year. Data breaches are the costliest that they have ever been and have increased by 15 percent since 2020. The data for this year’s report was collected by the Ponemon Institute and included breach data from 553 organizations in 16 countries with interviews conducted with thousands of individuals. All data breaches studied for the report occurred between March 2022 and March 2023.
“For the 13th year in a row, health-care data breaches were found to be the costliest, with the average cost increasing to $10.93 million, which is a 53.3 percent increase over the past 3 years and an 8.22 percent increase from the $10.10 average breach cost in 2022. Small organizations with fewer than 500 employees saw average data breach costs increase by 13.35 percent year over year to $3.31 million.”
Security Intelligence: Cost of a data breach 2023: Financial industry impacts
“According to the IBM Cost of a Data Breach Report 2023, the global average cost of a data breach in 2023 was $4.45 million, 15 percent more than in 2020. In response, 51 percent of organizations plan to increase cybersecurity spending this year.
“For the financial industry, however, global statistics don’t tell the whole story. Finance firms lose approximately $5.9 million per data breach, 28 percent higher than the global average. In addition, evolving regulatory concerns play a role in how financial companies respond to cyber attacks and where they’re investing to reduce total risk.
“When it comes to calculating the true cost of a data breach for financial firms, monetary loss is just the beginning.
“Consider common threat vectors. While 48 percent of financial attacks start with malicious actors, human error accounts for 33 percent. Phishing and compromised credentials take the top spots for initial attack vectors at 16 percent and 15 percent, respectively. If attackers are successful, they often have access to millions of transaction and client records — the average cost for breaches of 50 million records or more now tops $300 million.”
Verizon.com: 2023 Data Breach Investigations Report: frequency and cost of social engineering attacks skyrocket
“The median cost per ransomware more than doubled over the past two years to $26,000, with 95 percent of incidents that experienced a loss costing between $1 and $2.25 million. This rise in cost coincides with a dramatic rise in frequency over the past couple of years when the number of ransomware attacks was greater than the previous five years combined. That prevalence held steady this year: Representing almost a quarter of all breaches (24 percent), ransomware remains one of the top cyber attack methods.
“The number of breached user accounts climbed 156 percent to hit 110.8 million in the second quarter of 2023, with the U.S. and Russia among the top locations where these users reside.
“Some 49.8 million of breached accounts were from the U.S., accounting for 45 percent of the global figure. Russia ranked second at 15.3 million, followed by Spain at 3.7 million, according to the latest numbers from VPN provider Surfshark. Worldwide, data breaches grew 2.6 times compared to the first quarter, with an average of 855 accounts leaked every minute in the second quarter.”
Infosecurity Magazine: Critical Insight Report: 15% Drop in Breaches, 31% Surge in Victims
“The report notes an overall decrease of 15 percent in total breaches during the first half of 2023 compared to the latter half of 2022 — a positive development given the industry’s previous upward trend in attacks. This suggests a potential downturn in breaches for the entire year, making 2023 the lowest breach count since 2019.
“However, the decline in breaches was counterbalanced by a significant 31 percent increase in the number of individuals affected by data breaches during H1 2023 compared to H2 2022. This surge resulted in 40 million individuals being impacted within six months, equivalent to 74 percent of the total affected in 2022.”
SOME MORE HISTORICAL DATA BREACH CONTEXT
And last, but certainly not least, we have this recent report from CSO Online and Ninja One that covers “The 15 biggest data breaches of the 21st century.” Here’s a summary:
Yahoo has had the largest data breach so far, with 3 billion data records compromised in 2013.
First American Financial Corporation had the second-largest breach with 885 million records compromised in 2019, and Facebook holds the third-largest data breach with 540 million records compromised in 2019.
Yahoo data breaches account for two of the largest known data breaches.
“A new study has revealed that Yahoo’s data breach in 2013 had the greatest number of compromised data records, with three billion records compromised.
1. Yahoo (2013) – 3 billion records
The 2013 attack on Yahoo is the largest known data breach in history, with all three billion Yahoo user accounts at the time being compromised. Originally, it was reported that only one billion user accounts were compromised, but this figure was later revised to three billion. The attack resulted in data such as email addresses, passwords, dates of birth, and telephone numbers being stolen.
2. First American Corporation (2019) – 885 million records
Financial services provider First American Corporation has the second largest known data breach in history, with 885 million records being compromised in 2019. The breach was a result of poor security practices on their servers, with sensitive information being accessible to external users. This information included bank account details, Social Security digits, wire transactions, as well as other mortgage paperwork.
3. Facebook (2019) – 540 million records
The third largest known data breach belongs to social media giant Facebook, with 540 million records compromised in 2019. Third-party app developers posted the records on a public Amazon cloud server with the compromised records including information such as account names, IDs, and information about reactions and comments on posts.
4 (Tie). Marriott International (2018) – 500 million records
Hotel chain Marriott International has the tied fourth largest known data breach, with 500 million records compromised in a 2018 attack. Hackers suspected of working on behalf of the Chinese government were behind the attack on Marriott’s reservation database. The information that was compromised included unencrypted passport numbers and encrypted credit card numbers stored on the same server as their encryption keys.
4 (Tie). Yahoo (2014) – 500 million records
The second time Yahoo has featured on this list, the 2014 attack was the tied fourth largest known data breach, with 500 million records compromised. The attack resulted in information such as names, email addresses, telephone numbers, dates of birth, and answers to security questions being stolen.”
The famous Mark Twain line, “Figures don’t lie, but liars figure,” can certainly apply to these stats.
The data breach numbers and costs keep going up, but one quarter may be less or more than the previous quarter, depending on the sector, and who is included or not included. Also, are you counting the number of incidents, records breached, costs, restoration time, dwell time or some other key metric?
Nevertheless, the reason I wrote this blog post now is not to compare IBM to Verizon data breach reports. Nor is it to analyze which sectors are up and which are down this year or quarter or month or week regarding cyber attacks.
The bottom line is that we continue to see major cyber attacks disrupt the lives of Americans and others around the world on a daily basis in every area of life. Schools and hospitals are not able to operate. Banks lose personal data and governments shut down, leaving emergency services disabled.
The impacts of cyber attacks continue to grow louder, but most people have become so used to the noise that they fail to pay proper attention. This new normal is scary, almost like bodily injury by a thousand cuts that come one a day, rather than one huge Cyber Pearl Harbor incident that shuts down society overall.
These overarching questions seem almost impossible to answer:
Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist, keynote speaker and author.
*** This is a Security Bloggers Network syndicated blog from Lohrmann on Cybersecurity authored by Lohrmann on Cybersecurity. Read the original post at: https://www.govtech.com/blogs/lohrmann-on-cybersecurity/ransomware-and-data-breaches-impacts-continue-to-grow-louder