No one thinks it's going to be them. Until it is. And that'sexactly what cybercriminals are banking on.

Society is so infused with technology that our digital footprintis practically glowing. But if we're not careful to cover ourtracks, our footprint can be used against us — individualsand companies alike.

Cyberespionage is now the most common type of attack across avariety of industries and organized criminal groups escalated theiruse ransomware to extort their victims, accordingto the Verizon 2017 Data Breach InvestigationsReport (DBIR).

While no individual or company is immune,Verizon's report offers insights on how to keep your data safegoing forward.

Related: 5 best practices to avoid a costly databreach

Continue reading… 

Verizon's DBIR noted a surge in ransomware attacks, as wellas an increase in cyberespionage among a variety ofindustries. (Photo: Shutterstock) 

The results are in

Nearly 2,000 breaches from 84 countries were analyzed in thisyear's report.

More than 300 were espionage-related, many of which started asphishing emails. Cyberespionage is now the most common type ofattack seen in manufacturing, the public sector andeducation. 

Related: 5 trends and factors that continue to impactcybersecurity in 2017

In addition, the DBIR noted a 50 percent increased in ransomwareattacks compared to last year. Many organizations rely onout-of-date security measures and aren't investing in securityprecautions, despite an abundance of affordableoptions. 

"There are vastly more small-businesses in the U.S. thanlarge-businesses," said Gabriel Bassett, senior informationsecurity data scientist. "Small-businesses are notimmune." 

Whether its medical records or payment carddetails, someone, somewhere will see it as anopportunity. 

"Often, even a basic defense will deter cyber criminals who willmove on to look for an easier target," Bryan Sartin, executivedirector, Global Security Services, Verizon Enterprise Solutions,said in a statement. 

Continue reading…

Phishing remains a go-to strategy among attacks relating tofinancials and cyberespionage. (Photo: Shutterstock)

Old techniques still work

The first instance of phishing was recorded sometime in 1995.After more than two decades, people are still falling forit. 

Related: 4 pitfalls to avoid in a cyber insurancepolicy

Verizon's DBIR found that 1 in 14 users were tricked intofollowing a link or opening an attachment — and a quarterof those went on to be duped more than once. 95 percent of attacksthat led to a breach were followed by some sort of softwareinstallation. The method is popular among both cyberespionage andfinancially motivated attacks. 

Bassett recommends that companies hire a vendor who will sendtest phishing email to their employees. There are specific hotspotsof people and departments who are more prone to attack, oftenbecause their job entails opening emails from outsidesources. Using that data will allow them to analyze susceptible employees andtrain them. 

"Accept that someone is gonna click," saidBassett. 

Continue reading… 

Cybercriminals are using pretexting to loot company money,often through emails targeting employees with access to itsfinancial reserves. (Photo: Shutterstock) 

New techniques on the rise

Cybercriminals will search endlessly for ways to dupe an unsuspecting target. They'refinding success in pretexting, which, simply put, is when someonepretends to be someone else.

Hackers are looking to engage in business email compromise.Often, someone sends an email where "the CEO" orders wire transferswith an urgent and believable back story. 

The DBIR urges companies to remind employees — particularly infinance — that no one will request a payment viaunauthorized processes. IT can also assist by marking externalemails with an unmistakable stamp. A lack of communicationcan lead to catastrophic results.

"Never use a single channel for communication for any monetarydecision over a certain amount," said Bassett. 

Related: Tax season: The most wonderful time of the year(for hackers!)