Every year, Verizon releases a big report showing how companies are getting hacked—and the 2024 edition is out now. Spoiler alert: things aren’t looking great. Verizon looked at over 30,000 security incidents and more than 10,000 actual data breaches, and what they found should be a wake-up call for just about everyone.
Here’s the deal—no matter how many firewalls or fancy security systems companies have, human error is still one of the biggest problems. According to Verizon, nearly 7 out of 10 breaches happened because someone made a mistake. That includes clicking on scam emails, sending information to the wrong person, or setting up systems incorrectly.
And get this—when people get a phishing email (you know, those fake messages pretending to be from a legit source), they click on it in just 21 seconds on average. Even worse, it takes only about 28 seconds for them to hand over personal info. On the bright side, more people are learning to spot these scams—about 1 in 5 reported the email without falling for it.
As revealed by PhoneArena, one of the scarier trends is how fast hackers move when a new vulnerability is discovered. As soon as a weakness in software becomes public, hackers are scanning the internet for it within five days. But companies? They take an average of 55 days just to fix half of those issues.
That means there’s a massive window of opportunity for bad actors to sneak in and do damage. One major example from last year was the MOVEit software flaw, which hackers exploited fast—causing a ton of headaches for businesses.
Ransomware (where hackers lock up your data and demand money to unlock it) is still a huge problem. It showed up in nearly a quarter of all breaches. But there’s a new twist: sometimes hackers skip the locking part altogether and just steal your data, threatening to leak it unless you pay up. This “extortion-only” style is getting more popular—and that’s bad news for everyone.
More companies are getting hacked because someone they work with gets compromised. These are called supply chain attacks, and they jumped 68% compared to the previous year. It shows that even if your own company’s security is tight, you can still be in trouble if one of your vendors isn’t careful.
At the end of the day, the report makes one thing super clear: people are still the weakest link in cybersecurity. And while hackers are getting faster and more clever, we’re often too slow to catch up.
If you’re a business, it’s time to get serious about employee training, keeping systems updated, and making sure your partners and vendors are doing the same. Because when it comes to cyberattacks, it’s not a matter of “if”—it’s a matter of “when.”
Source: PhoneArena
