Phishing dominates the UK threat landscape
Using analysis of the last three year's worth of data breach information from the UK's Information Commissioner's Office (ICO), cyber security awareness platform CybSafe has revealed that phishing breaches have jumped significantly.
In 2019, UK organizations reported more cyber security breaches to the ICO than ever before. A total of 2,376 reports were sent to the public body last year, up from 540 in 2017, and 1,854 reports in 2018.
In 2017, only 16 breach reports were made to the ICO as a result of successful phishing attacks. This jumped to 877 phishing reports in 2018, and in 2019 UK organizations reported a record 1,080 phishing-related breaches to the ICO -- representing 45 percent of all cyber security data breach reports received by the ICO last year.
Phishing was the most commonly reported data breach in 2019, with unauthorized access taking second place, with 791 breaches reported. Other notable causes for breaches included 243 reports related to malware or ransomware, 64 related to hardware/software misconfiguration, and 34 related to brute force password attacks.
Commenting on the findings, Oz Alashe, CEO of CybSafe, says:
With GDPR causing a massive surge in reporting during 2018, we might have expected that reports to the ICO would taper off in 2019 -- but this wasn't the case. 2019 surpassed the numbers achieved in the previous year quite dramatically. In terms of human error data breaches, it was a particularly significant year.
As for lessons learned, there's a lot to take away from these figures. As a nation, we can’t begin to address cyber risk if we only concentrate on technical threats. The human side of the equation is so important. Simple attacks, especially social engineering attacks, continue to dominate the threat landscape. And it’s hard to see that situation changing significantly in the next few years.
With end-user mistakes often being either a cause or catalyst in the majority of breaches, British businesses and public sector organizations need to be asking whether they're doing enough to minimize that risk. Are they doing anything at all, and if they are, is it really making a difference?
Information on the latest security trends is available from the ICO site.