Read on Twitter
I received an early copy of this year’s Data Breach Investigations Report (DBIR) by @VZDBIR because I'm such a thot leader so I wrote a post with my thots and hot takes about it: kellyshortridge.com/blog/posts/kel…
thread of tl;dr snippets for mortals with no attention span:
thread of tl;dr snippets for mortals with no attention span:
Yet again, the #DBIR data shows 94.6% of breaches are financially driven.
It's reminder for us to invest in security that addresses reals rather than feels; and a reminder that the best way to hurt attackers, whether at local or macro scales, is to poison their ROI.
1/N
It's reminder for us to invest in security that addresses reals rather than feels; and a reminder that the best way to hurt attackers, whether at local or macro scales, is to poison their ROI.
1/N
Pretexting doubled this past year per the #DBIR! Attackers are using employees' email access to insert themselves into existing threads to ask a target victim to perform some sort of task.
I find this funny because I spend a lot of effort avoiding being in email threads...
2/N
I find this funny because I spend a lot of effort avoiding being in email threads...
2/N
Ransomware's proportion of breaches stayed flat (~24%), and 93% of ransomware incidents had *no loss.* Otherwise, the lower bound was just $1.00; you can't even get a slice of pizza in NYC for that anymore!
Worth noting pretexting has 5x the payoff of ransomware now, too...
3/N
Worth noting pretexting has 5x the payoff of ransomware now, too...
3/N
Log4Shell wasn't quite the bombshell we anticipated -- only ~0.4% of incidents -- but I think we should also be proud of our efforts to make it a non-event.
Also worth noting is 73% of Log4J cases were for espionage purposes; I muse on why that might be in the blog post...
4/N
Also worth noting is 73% of Log4J cases were for espionage purposes; I muse on why that might be in the blog post...
4/N
According to the #DBIR 41% of breaches involve mail servers (not just sending and receiving email).
Okay, but why the fuck is anyone still rolling their own mail server??? It isn't even convenient! Some real bottom energy there.
5/N
Okay, but why the fuck is anyone still rolling their own mail server??? It isn't even convenient! Some real bottom energy there.
5/N
Desktop sharing isn’t caring.
Desktop sharing software was right behind email as the top "action vector" for ransomware in the #DBIR. I call out Microsoft specifically in my blog post, although I don't have much hope in things changing...
6/N
Desktop sharing software was right behind email as the top "action vector" for ransomware in the #DBIR. I call out Microsoft specifically in my blog post, although I don't have much hope in things changing...
6/N
Supply chain FUD isn't really backed up by the #DBIR data. Based on it, the biggest "threat" is a software vendor's dev or admin creds getting stolen and used for BEC, rather than a fancy "backdoor-the-update" attack.
Read that part of the post if you want extra spice...
7/N
Read that part of the post if you want extra spice...
7/N
Overall, this year’s @VZDBIR is worth the read to challenge your assumptions and ponder the data, even if it lacks weird charts... I leave it up to you to read my post before or after: kellyshortridge.com/blog/posts/kel…
You can devour the #DBIR report here: verizon.com/dbir
Fin/N
You can devour the #DBIR report here: verizon.com/dbir
Fin/N
• • •
Missing some Tweet in this thread? You can try to
force a refresh
