A new report reveals that ransomware remains one of the top cyberattack methods, making up 24% of all breaches.

Verizon Business recently released the results of its 16th annual Data Breach Investigations Report (2023 DBIR), which analyzed 16,312 security incidents and 5,199 breaches. Chief among its findings is the rising cost of ransomware — malicious software (malware) that encrypts an organization’s data and then extorts large sums of money to restore access.

According to the report, the median cost per ransomware incident more than doubled over the past two years to $26,000, with 95% of incidents that experienced a loss costing between $1 and $2.25 million. This rise in cost coincides with a rise in frequency: over the past couple of years the number of ransomware attacks was greater than in the previous five years combined. At 24% of all breaches, ransomware remains one of the top cyberattack methods.

The human element still makes up the majority of incidents and is a factor in 74% of total breaches, even as enterprises continue to safeguard critical infrastructure and increase training on cybersecurity protocols. One of the most common ways to exploit human nature is social engineering, which refers to manipulating people into giving up an organization's sensitive information or access through tactics like phishing, in which an attacker convinces a user to click on a malicious link or attachment.

Like ransomware, social engineering is a lucrative tactic for cybercriminals, especially given the rise in those techniques being used to impersonate enterprise employees for financial gain, an attack known as Business Email Compromise (BEC). The median amount stolen in BECs has increased over the last couple of years to $50,000 USD, based on Internet Crime Complaint Center (IC3) data, which might have contributed to pretexting nearly doubling this past year. With the growth of BEC, enterprises with distributed workforces face a challenge that takes on greater importance: creating and strictly enforcing human-centric security best practices.

Other key report highlights:

  • While espionage garners media attention, only 3% of threat actors were motivated by espionage. The other 97% were motivated by financial gain.
  • 32% of yearly Log4j vulnerability scanning occurred in the first 30 days after its release, demonstrating threat actors’ velocity when escalating from a proof of concept to mass exploitation.
  • External actors leveraged a variety of different techniques to gain entry to an organization, such as using stolen credentials (49%), phishing (12%) and exploiting vulnerabilities (5%).