- AI and Cybersecurity: Mitigating Risks and Safeguarding Digital Assets
- Vinted Fined €2.3m Over Data Protection Failure
- Cambios en las licencias de VMWare: ¿Impulsarán la desvirtualización de los centros de datos?
- EU Opens Applications for Cybersecurity and Digital Skills Funding
- US Med-Equip eases hospital pain point with AI, RPA
2020 cyber security statistics – IT Governance UK Blog
In 2020, we recorded 1,120 breaches and cyber attacks that were reported on in mainstream media, which accounted for 20,120,074,547 leaked records.
Compiling this information enables us to see how security incidents occur and the trends to look out for.
Did you know, for example, that the number of disclosed incidents shot up in the second half of the year, showing the impact that COVID-19 has had on organisations? Or that there was a 50% increase in breached records compared to 2019?
In this blog, we take a closer look at this data. You can also find a summary in our infographic.
What should be organisations’ biggest concern?
In compiling this data, we have distinguished between breaches caused by a criminal hacker and those that are the result of an organisation leaking data by mistake.
Doing this reveals more about how security incidents happen and who is to blame.
Typically, there is a relatively even split between the number of cyber attacks and accidental breaches we report on, but that wasn’t the case in 2020.
While the number of data breaches remained consistent (we reported on 349), there was a surge in cyber attacks, with 771 incidents.
The most likely reason for this is the strain put on organisations because of COVID-19 and staff working remotely. Employees are increasingly reliant on technology to communicate and share information, creating opportunities for attackers.
How were organisations exploited?
When a security incident is disclosed, organisations don’t always know, or report on, its cause.
However, where this was revealed, ransomware was the most prevalent cause, with 289 cases.
This makes it by far the most common cyber attack method, ahead of system vulnerabilities being exploited (60), phishing attacks (40) and malware (33).
There were almost certainly far more cases of each of these, but they are often simply the first stage of a more comprehensive attack and often go unnoticed.
Consider, for example, that many cyber criminals use phishing scams to inject ransomware into an organisation’s systems. In those cases, the ransomware is the smoking gun and what organisations first notice, but it doesn’t tell the full story.
When it comes to data breaches, internal error (210) is the most frequent cause. Such incidents are typically the result of an employee sending information to the wrong person, leaving physical or digital files in a public place or failing to install updates.
Another common cause of data breaches is malicious insiders. We catalogued 45 incidents that were generally the result of a disgruntled former employee (or, occasionally, current employee) misusing sensitive information they’d been entrusted with.
The most vulnerable sectors
For the second year in a row, the healthcare and health sciences sector was the most vulnerable. We recorded 240 incidents, which accounted for 1.2 billion breached records.
This is concerning not just because of the sheer number of records affected but also the types of data involved. For example, depending on the nature of the incident, healthcare breaches can reveal medical issues that can affect victims’ reputations.
Likewise, healthcare data can be used to conduct fraud, launch phishing attacks and, in some cases, reveal financial data.
The technology and media sector was the second most vulnerable sector, with 158 incidents and 3.3 billion breached records. The education sector followed, with 157 incidents and 884 million breached records.
As with healthcare breaches, security incidents at educational institutes are especially dangerous, because the majority of records involve children’s data.
In the UK and EU, this information is subject to specific protections within the DPA (Data Protection Act) 2018 and the GDPR (General Data Protection Regulation).
Schools had plenty of other problems in 2020, with many struggling to remain operational at all, which could explain their inability to clamp down on security incidents.
However, the education sector was one of the most vulnerable sectors even before COVID-19, with 2020 simply a continuation of an upward curve – although that’s something you could say across all sectors.
Hopefully, as the world returns to some level of normality in 2021, organisations will understand the importance of effective cyber security and implement appropriate measures to better protect themselves.
You can find more information about 2020’s data breaches and cyber attacks, along with advice on how to stay safe, by downloading our free infographic.
