I often get asked these questions (and more), and the answers can take months or years to be released after an event. In some instances, the specific details remain hidden from public view — concealed inside the databases of cyber insurance companies or classified files guarded by three-letter government agencies.
And yet, as the cyber attack headlines just keep pouring in from universities, banks, governments, hospitals, public utilities and more, the rising impacts to society increase — even as many have become almost numb to the overall affect.
Here are just a few of the recent incident headlines I am talking about:
- The Record: Thousands have SSNs leaked after ransomware attack on Ohio state archive org
- Bleeping Computer: Rhysida claims ransomware attack on Prospect Medical, threatens to sell data
- CPO Magazine: Ransomware Attack on Danish Hosting Providers Causes Almost Complete Data Loss for Customers
- Lansing State Journal: Michigan State University data breach linked to global ransomware attack
- The Record: Fayetteville, Arkansas latest city dealing with debilitating cyberattack
- Security Week: University of Minnesota Confirms Data Breach, Says Ransomware Not Involved
- TechCrunch: Ransomware attack forces Dallas to shut down courts, disrupts some 911 services
- CBS News: What caused the internet outage at University of Michigan this week?
DATA AND TRENDS, PLEASE
No doubt, this is just a very small sampling of the number of cyber attacks that hit the mainstream and technology media every week. Critics oftentimes argue, "Show me the data. What are the trends? Are things getting better or worse?"
Allow me to first provide you with a plethora of recent information, data and trend reports before providing my take on what’s going on right now regarding global cyber attacks. After each of these headlines, I offer a brief excerpt to help.
Security Week: Cybersecurity Companies Report Surge in Ransomware Attacks
“Ransomware attacks continue to be highly profitable for cyber-crime groups and the recent reports released by various cybersecurity firms show that they are increasing both in terms of volume and sophistication.”
The HIPAA Journal: IBM: Average Cost of a Healthcare Data Breach Increases to Almost $11 Million
“The 2023 IBM Security Cost of a Data Breach Report shows the average data breach cost has increased to $4.45 million ($165 per record), with data breaches in the United States being the costliest at an average of $9.48 million, up 0.4 percent from last year. Data breaches are the costliest that they have ever been and have increased by 15 percent since 2020. The data for this year’s report was collected by the Ponemon Institute and included breach data from 553 organizations in 16 countries with interviews conducted with thousands of individuals. All data breaches studied for the report occurred between March 2022 and March 2023.
“For the 13th year in a row, health-care data breaches were found to be the costliest, with the average cost increasing to $10.93 million, which is a 53.3 percent increase over the past 3 years and an 8.22 percent increase from the $10.10 average breach cost in 2022. Small organizations with fewer than 500 employees saw average data breach costs increase by 13.35 percent year over year to $3.31 million.”
Security Intelligence: Cost of a data breach 2023: Financial industry impacts
“According to the IBM Cost of a Data Breach Report 2023, the global average cost of a data breach in 2023 was $4.45 million, 15 percent more than in 2020. In response, 51 percent of organizations plan to increase cybersecurity spending this year.
“For the financial industry, however, global statistics don’t tell the whole story. Finance firms lose approximately $5.9 million per data breach, 28 percent higher than the global average. In addition, evolving regulatory concerns play a role in how financial companies respond to cyber attacks and where they’re investing to reduce total risk.
“When it comes to calculating the true cost of a data breach for financial firms, monetary loss is just the beginning.
“Consider common threat vectors. While 48 percent of financial attacks start with malicious actors, human error accounts for 33 percent. Phishing and compromised credentials take the top spots for initial attack vectors at 16 percent and 15 percent, respectively. If attackers are successful, they often have access to millions of transaction and client records — the average cost for breaches of 50 million records or more now tops $300 million.”
Verizon.com: 2023 Data Breach Investigations Report: frequency and cost of social engineering attacks skyrocket
“The median cost per ransomware more than doubled over the past two years to $26,000, with 95 percent of incidents that experienced a loss costing between $1 and $2.25 million. This rise in cost coincides with a dramatic rise in frequency over the past couple of years when the number of ransomware attacks was greater than the previous five years combined. That prevalence held steady this year: Representing almost a quarter of all breaches (24 percent), ransomware remains one of the top cyber attack methods.
“The human element still makes up the overwhelming majority of incidents, and is a factor in 74 percent of total breaches, even as enterprises continue to safeguard critical infrastructure and increase training on cybersecurity protocols. …”
ZDNet: Data breaches grow nearly three times, with US accounts most compromised
“The number of breached user accounts climbed 156 percent to hit 110.8 million in the second quarter of 2023, with the U.S. and Russia among the top locations where these users reside.
“Some 49.8 million of breached accounts were from the U.S., accounting for 45 percent of the global figure. Russia ranked second at 15.3 million, followed by Spain at 3.7 million, according to the latest numbers from VPN provider Surfshark. Worldwide, data breaches grew 2.6 times compared to the first quarter, with an average of 855 accounts leaked every minute in the second quarter.”
Infosecurity Magazine: Critical Insight Report: 15% Drop in Breaches, 31% Surge in Victims
“The report notes an overall decrease of 15 percent in total breaches during the first half of 2023 compared to the latter half of 2022 — a positive development given the industry’s previous upward trend in attacks. This suggests a potential downturn in breaches for the entire year, making 2023 the lowest breach count since 2019.
“However, the decline in breaches was counterbalanced by a significant 31 percent increase in the number of individuals affected by data breaches during H1 2023 compared to H2 2022. This surge resulted in 40 million individuals being impacted within six months, equivalent to 74 percent of the total affected in 2022.”
SOME MORE HISTORICAL DATA BREACH CONTEXT
And last, but certainly not least, we have this recent report from CSO Online and Ninja One that covers "The 15 biggest data breaches of the 21st century." Here’s a summary:
- Yahoo has had the largest data breach so far, with 3 billion data records compromised in 2013.
- First American Financial Corporation had the second-largest breach with 885 million records compromised in 2019, and Facebook holds the third-largest data breach with 540 million records compromised in 2019.
- Yahoo data breaches account for two of the largest known data breaches.
"A new study has revealed that Yahoo’s data breach in 2013 had the greatest number of compromised data records, with three billion records compromised.
1. Yahoo (2013) – 3 billion records
The 2013 attack on Yahoo is the largest known data breach in history, with all three billion Yahoo user accounts at the time being compromised. Originally, it was reported that only one billion user accounts were compromised, but this figure was later revised to three billion. The attack resulted in data such as email addresses, passwords, dates of birth, and telephone numbers being stolen.
2. First American Corporation (2019) – 885 million records
Financial services provider First American Corporation has the second largest known data breach in history, with 885 million records being compromised in 2019. The breach was a result of poor security practices on their servers, with sensitive information being accessible to external users. This information included bank account details, Social Security digits, wire transactions, as well as other mortgage paperwork.
3. Facebook (2019) – 540 million records
The third largest known data breach belongs to social media giant Facebook, with 540 million records compromised in 2019. Third-party app developers posted the records on a public Amazon cloud server with the compromised records including information such as account names, IDs, and information about reactions and comments on posts.
4 (Tie). Marriott International (2018) – 500 million records
Hotel chain Marriott International has the tied fourth largest known data breach, with 500 million records compromised in a 2018 attack. Hackers suspected of working on behalf of the Chinese government were behind the attack on Marriott’s reservation database. The information that was compromised included unencrypted passport numbers and encrypted credit card numbers stored on the same server as their encryption keys.
4 (Tie). Yahoo (2014) – 500 million records
The second time Yahoo has featured on this list, the 2014 attack was the tied fourth largest known data breach, with 500 million records compromised. The attack resulted in information such as names, email addresses, telephone numbers, dates of birth, and answers to security questions being stolen."
FINAL THOUGHTS
So where does all this data take us? The data breach and ransomware numbers continue to climb and fast. Ransomware was supposedly down big in 2022, but back big in 2023, as I highlighted earlier this year in this blog.
The famous Mark Twain line, “Figures don't lie, but liars figure,” can certainly apply to these stats.
How?
The data breach numbers and costs keep going up, but one quarter may be less or more than the previous quarter, depending on the sector, and who is included or not included. Also, are you counting the number of incidents, records breached, costs, restoration time, dwell time or some other key metric?
Nevertheless, the reason I wrote this blog post now is not to compare IBM to Verizon data breach reports. Nor is it to analyze which sectors are up and which are down this year or quarter or month or week regarding cyber attacks.
The bottom line is that we continue to see major cyber attacks disrupt the lives of Americans and others around the world on a daily basis in every area of life. Schools and hospitals are not able to operate. Banks lose personal data and governments shut down, leaving emergency services disabled.
The impacts of cyber attacks continue to grow louder, but most people have become so used to the noise that they fail to pay proper attention. This new normal is scary, almost like bodily injury by a thousand cuts that come one a day, rather than one huge Cyber Pearl Harbor incident that shuts down society overall.
These overarching questions seem almost impossible to answer:
- What, if anything, can change this new normal regarding relentless cyber attacks?
- If these trends continue, almost like our federal debt grows minute by minute in America, what will be the eventual outcome?
- Even more radical, should we consider starting over with our use of the Internet?