Ransomware Data Breaches' Growth Last Year Equal to Last 5 Years Combined, Verizon Report Says

  • By Kristal Kuykendall
  • 05/26/22

Data breaches resulting from ransomware attacks increased 13% last year — equal to the last five years’ increase combined — and are impacting more education organizations than ever, according to the recently released Verizon Business 2022 Data Breach Investigations Report.

The research is based on analysis of 914,547 incidents, 234,638 breaches, and 8.9 TBs of cybersecurity data since the first DBIR 15 years ago, Verizon said; the incident information is from Verizon Business data as well as 87 partners in the telecommunications and cybersecurity industries.

Researchers analyzed 23,896 cyber incidents last year, with 5,212 of those being data breaches, the report said.

In the education sector, DBIR researchers analyzed 1,241 cyber incidents, with 282 of those resulting in data breaches.

Key Findings Among Education Cyber Incidents:

  • 139 of the data breaches included the use of malware.
  • 123 of the data breaches were initiated by system intrusions.
  • 55 of the data breaches were initiated by basic web application attacks
  • 51 breaches resulted from from miscellaneous errors by humans.
  • Malware was found to in 437 of all education cyberattacks.
  • 790 of all cyberattacks were classified as hacking attempts.
  • 643 of all cyberattacks were classified as denial of service attacks.
  • 95% of all cyberattacks targeted the education organization’s servers.
  • 75% of cyber incidents were initiated by external threat actors.
  • 95% of breaches were motivated by threat actors seeking data for financial gain.
  • 63% of the data compromised was classified as personal, identifiable information.
  • 41% of data compromised was credentials.

The DBIR report noted that about four in five breaches is attributable to organized crime, adding that human error — primarily, misconfigured cloud storage — continues to be a dominant trend and is responsible for 13% of breaches. Internal sources accounted for just 18% of cyber incidents, the report said.

Learn more and download the full report at the Verizon Business website.

About the Author

Kristal Kuykendall is editor, 1105 Media Education Group. She can be reached at [email protected].


Featured

  • An elementary school teacher and young students interact with floating holographic screens displaying colorful charts and playful data visualizations in a minimalist classroom setting

    New AI Collaborative to Explore Use of Artificial Intelligence to Improve Teaching and Learning

    Education-focused nonprofits Leading Educators and The Learning Accelerator have partnered to launch the School Teams AI Collaborative, a yearlong pilot initiative that will convene school teams, educators, and thought leaders to explore ways that artificial intelligence can enhance instruction.

  • landscape photo with an AI rubber stamp on top

    California AI Watermarking Bill Supported by OpenAI

    OpenAI, creator of ChatGPT, is backing a California bill that would require tech companies to label AI-generated content in the form of a digital "watermark." The proposed legislation, known as the "California Digital Content Provenance Standards" (AB 3211), aims to ensure transparency in digital media by identifying content created through artificial intelligence. This requirement would apply to a broad range of AI-generated material, from harmless memes to deepfakes that could be used to spread misinformation about political candidates.

  • closeup of laptop and smartphone calendars

    2024 Tech Tactics in Education Conference Agenda Announced

    Registration is free for this fully virtual Sept. 25 event, focused on "Building the Future-Ready Institution" in K-12 and higher education.

  • cloud icon connected to a data network with an alert symbol (a triangle with an exclamation mark) overlaying the cloud

    U.S. Department of Commerce Proposes Reporting Requirements for AI, Cloud Providers

    The United States Department of Commerce is proposing a new reporting requirement for AI developers and cloud providers. This proposed rule from the department's Bureau of Industry and Security (BIS) aims to enhance national security by establishing reporting requirements for the development of advanced AI models and computing clusters.