Cybercriminals targeting employees' wage and tax data: Verizon

New Delhi: Ransomware has become the most prevalent type of malicious software -- found in 39 per cent of malware-related cases -- as cybercriminals are now targeting HR departments to obtain personal data for the filing of fraudulent tax returns, a new report said on Tuesday.

According to US wireless communications service provider Verizon's 2018 Data Breach Investigations Report (DBIR), ransomware attacks have doubled since 2017 and now target business critical systems rather than just desktops.

"Pretexting has increased over five times since 2017, with 170 incidents analysed this year (compared to just 61 incidents in 2017). Eighty-eight of these incidents specifically targeted HR staff to obtain personal data for the filing of fraudulent tax returns," the report, now in its 11th edition, said.

Pretexting is defined as the practice of presenting oneself as someone else in order to obtain private information.

"HR departments across multiple verticals are being targeted in a bid to extract employees' wage and tax data, so criminals can commit tax fraud and divert tax rebates," the report added.

The ransomeware attacks are moving into critical systems which encrypt file servers or databases, inflicting more damage and commanding bigger ransom requests.

"Businesses find it difficult to keep abreast of the threat landscape, and continue to put themselves at risk by not adopting dynamic and proactive security strategies," said George Fischer, President of Verizon Enterprise Solutions.

Employees are still falling victim to social attacks.

Financial pretexting and phishing represent 98 per cent of social incidents and 93 per cent of all breaches investigated - with email continuing to be the main entry point (96 per cent of cases).

"Companies are nearly three times more likely to get breached by social attacks than via actual vulnerabilities, emphasising the need for ongoing employee cybersecurity education," the report emphasised.

The 11th edition of the report included data from 67 contributing organisations, with analysis on over 53,000 incidents and 2,216 breaches from 65 countries.

While, on average, 78 per cent of people did not fail a phishing test last year, 4 per cent of people did for any given phishing campaign.

"A cybercriminal only needs one victim to get access into an organisation," the report said.

"One breach can have multiple attackers and we found the following: 72 per cent of attacks were perpetrated by outsiders, 27 per cent involved internal actors, 2 per cent involved partners and 2 per cent feature multiple partners," it added.

"Ransomware remains a significant threat for companies of all sizes," said Bryan Sartin, Executive Director, Security Professional Services, Verizon.

Companies need to continue to invest in employee education about cybercrime and the detrimental effect a breach can have on brand, reputation and the bottom line, he added.