A new report from Verizon Communications Inc. detail the growth in data breaches over the last year, finding that business email compromise attacks have almost doubled and now represent more than half of all social engineering incidents.

The 16th annual Data Breach Investigations Report, released Tuesday, analyzed 16,312 security incidents and 5,199 breaches to come to its conclusions. The human element in breaches contributed to 74% of all incidents, often via errors, misuse of privileges, stolen credentials, or through social engineering tactics.

Some 83% of breaches were found to involve external actors, with financial gain being the primary motivator, accounting for 95% of incidents. The main ways attackers infiltrate an organization include stolen credentials, phishing and exploitation of vulnerabilities.

Ransomware remains a significant threat, with the report finding that 24% of all breaches involve ransomware, affecting organizations of all sizes across various industries. The report also found that the median cost of ransom attacks has more than doubled over the last two years to $26,000, with 95% of incidents that experienced a loss costing between $1 million and $2.25 million.

Log4j attacks, which first emerged in December 2021, were highlighted in the report, which found over 32% of all activity happening within 30 days of its release, with the most significant activity spike occurring within 17 days. The finding is noted as highlighting the quickness with which cybercriminals can exploit newly released vulnerabilities.

“With the median costs of ransomware attacks doubling since last year and reaching the million-dollar range, the new Verizon DBIR once again highlights the upward inflationary trend of the cost of data breaches,” Bhaven Panchal, senior director of service delivery at threat intelligence solutions company Cyware Labs Inc., told SiliconANGLE. “Another striking revelation is the prevalence of the human element as the contributing factor behind breaches, whether it be through errors, privilege misuse, use of stolen credentials, or social engineering.”

Roy Akerman, co-founder and chief executive at security platform provider Rezonate Inc., noted that the report highlighting the dependency on privileged identities and access in a cloud and software-as-a-service-dominated environment is a key indicator and enabler of the increase in business email compromise.

“The attackers need to obtain access, making identity security more critical than ever,” Akerman added. “This aligns with the fact that the root cause of 74% of breaches were identity-related or enabled, which aligns with Verizon DBIR findings over the last decade.”

Image: Verizon