Cybersecurity threats just kept growing in 2019, according to a new report by The Crypsis Group, an incident management and digital forensics company.
On Thursday, the company released its 2020 Incident Response and Data Breach Report, which found that cyber criminals have “significantly escalated tactical approaches” and become more targeted in their actions.
Ransomware attacks and business email compromise (BEC) were the two most impactful cyber threats in 2019, in terms of both business disruption and monetary loss. Ransomware demands spiked 200% last year, and BEC fraud losses averaged $264,117 per incident.
“Since 2018, threat actors have evolved from deploying mass-distributed phishing campaigns with lower ransom demands to highly targeted, well-researched attacks on larger enterprises with deeper pockets,” said Bret Padres, CEO of The Crypsis Group. “We believe these new methods represent a tactical shift in response to stronger enterprise security defenses and an associated reduction in organizations’ willingness to pay.”
The report also found that so-called “insider threats” were on the rise, with its investigations of such threats rising about 70% from 2018.
“In terms of motive, 57% of attacks were waged by employees looking to advance their careers and who were departing the victim organization, whether or not the organization was aware of the employee’s impending departure,” The Crypsis Group said.
Healthcare and financial services were the industries most likely to be affected by a cybersecurity incident, the report found.
“Compared to other industry sectors, these verticals store, transmit and process high volumes of monetizable sensitive information that disproportionately attract threat actors,” the company said.