Verizon 2015 Data Breach Investigations Report Finds Cyberthreats Are Increasing in Sophistication; Yet Many Cyberattacks Use Old Techniques

Full Transparency

Our editorial transparency tool uses blockchain technology to permanently log all changes made to official releases after publication.

More of our content is being permanently logged via blockchain technology starting [10.23.2020].

Learn more
Digital investigation

NEW YORK – Verizon’s “2015 Data Breach Investigations Report,” released today, reveals that cyberattacks are becoming increasingly sophisticated, but that many criminals still rely on decades-old techniques such as phishing and hacking. 

According to this year’s report, the bulk of the cyberattacks (70 percent) use a combination of these techniques and involve a secondary victim, adding complexity to a breach.

Another troubling area singled out in this year’s report is that many existing vulnerabilities remain open, primarily because security patches that have long been available were never implemented. In fact, many of the vulnerabilities are traced to 2007 – a gap of almost eight years. 

As in prior reports, this year’s findings again pointed out what Verizon researchers call  the “detection deficit” – the time that elapses between a breach occurring until it’s discovered. Sadly, in 60 percent of breaches, attackers are able to compromise an organization within minutes. 

Yet the report points out that many cyberattacks could be prevented through a more vigilant approach to cybersecurity.

“We continue to see sizable gaps in how organizations defend themselves,” said Mike Denning, vice president of global security for Verizon Enterprise Solutions. “While there is no guarantee against being breached, organizations can greatly manage their risk by becoming more vigilant in covering their bases. This continues to be a main theme, based on more than 10 years of data from our ‘Data Breach Investigations Report’ series.”

This year’s comprehensive report offers an in-depth look at the cybersecurity landscape, including a first-time overview of mobile security, Internet of Things technologies and the financial impact of a breach. 

The report indicates that, in general, mobile threats are overblown. In addition, the overall number of exploited security vulnerabilities across all mobile platforms is negligible.  

While machine-to-machine security breaches were not covered in the 2014 report, the 2015 report examines incidents in which connected devices are used as an entry point to compromise other systems. The report also examines the co-opting of IoT devices into botnets -- a network of private computers infected with malicious software and controlled without the owners’ knowledge -- for denial-of-service attacks.

This data reaffirms the need for organizations to make security a high priority when rolling out next-generation intelligent devices.

Verizon Develops New Model for Estimating the Cost of a Breach

Verizon security analysts used a new assessment model for gauging the financial impact of a security breach, based on the analysis of nearly 200 cyberliability insurance claims. The model accounts for the fact that the cost of each stolen record is directly affected by the type of data and total number of records compromised, and shows a high and low range for the cost of a lost record (i.e. credit card number, medical health record). 

For example, the model predicts that the cost of a breach involving 10 million records will fall between $2.1 million and $5.2 million (95 percent of the time), and depending on circumstances could range up to as much as $73.9 million. For breaches with 100 million records, the cost will fall between $5 million and $15.6 million (95 percent of the time), and could top out at $199 million.

“We believe this new model for estimating the cost of a breach is groundbreaking, although there is definitely still room for refinement,” said Denning. “We now know that it’s rarely, if ever, less expensive to suffer a breach than to put the proper defense in place.”

Nine Basic Patterns Make Up 96 Percent of Security Incidents

Verizon security researchers explained that the bulk (96 percent) of the nearly 80,000 security incidents analyzed this year can be traced to nine basic attack patterns that vary from industry to industry. This finding, first presented in last year’s report, is again central to Verizon’s “2015 Data Breach Investigations Report.” This approach can help enterprises effectively prioritize their security efforts and establish a more focused and effective approach to fighting cyberthreats.

As identified in the 2014 DBIR, the nine threat patterns are: miscellaneous errors, such as sending an email to the wrong person; crimeware (various malware aimed at gaining control of systems); insider/privilege misuse; physical theft/loss; Web app attacks; denial-of-service attacks, cyberespionage; point-of-sale intrusions; and payment card skimmers.

This year’s report found that 83 percent of security incidents by industry involve the top three threat patterns, up from 76 percent in 2014.

Enterprise Organizations Must Act Now

The longer it takes for an organization to discover a breach, the more time attackers have to penetrate its defenses and cause damage. In more than one quarter of all breaches, it takes the victim organization weeks, or even months, to contain the breaches.   

This year’s report is packed with detailed information and improvement recommendations based on seven common themes:

  • The need for increased vigilance.
  • Make people your first line of defense.
  • Only keep data on a need-to-know basis.
  • Patch promptly.
  • Encrypt sensitive data.
  • Use two-factor authentication.
  • Don’t forget physical security.

The Data Breach Investigations Report Series Is Based on Actual Caseloads

Now in its eighth year of publication, the “2015 Data Breach Investigation Report” analyzes more than 2,100 confirmed data breaches and approximately 80,000 reported security incidents in this year’s report alone. The report addresses more than 8,000 breaches and nearly 195,000 security incidents that have occurred over more than 10 years. The DBIR also includes security incidents that don’t result in breaches, in order to offer a better survey of the cybersecurity landscape. Verizon is among 70 global organizations that contributed data and analysis to this year’s report. 

Download the Report

The full “2015 Data Breach Investigations Report,” high-resolution charts and additional resources supporting the research are available on the DBIR Resource Center.

Verizon Delivers Unparalleled Managed Security Services

Verizon is a leader in delivering global managed security solutions to enterprises in the financial services, retail, government, technology, healthcare, manufacturing, energy and transportation sectors. Verizon combines powerful intelligence and analytics with an expansive breadth of professional and managed services, including customizable advanced security operations and managed threat protection services, next-generation commercial technology monitoring and analytics, rapid incident response and forensics investigations and identity management. Verizon brings the strength and expert knowledge of more than 550 consultants across the globe to proactively reduce security threats and lower information risks to organizations. 

For more information, visit the Verizon Enterprise Website. For ongoing security insight and analysis from some of the world's most distinguished security researchers, read the Verizon Security Blog.

Related Articles

04/23/2014
Verizon security researchers have found that 92 percent of the 100,000 security incidents analyzed over the past ten years can be traced to nine basic attack patterns that vary from industry to industry. This finding is one of the highlights of Verizon’s “2014 Data Breach Investigations Report.”
04/23/2013
The “Verizon 2013 Data Breach Investigations Report” reveals that large-scale financial cybercrime and state-affiliated espionage dominated the security landscape in 2012.