Beazley reports nine-fold rise in data breaches due to social engineering
Specialist insurer Beazley’s third quarter 2017 Breach Insights report, released today, 24 October, reveals the rapid growth of social engineering attacks (scams involving deception) as a cause of the data breaches reported to the insurer by its clients.
Fraudsters use social engineering attacks to prey on employees’ roles in their companies in order to orchestrate the disclosure of sensitive information or the wire transfer of money to criminal recipients. These exploits generally take one of two forms. The first, W-2 scams, typically occur during the months leading to tax filing deadlines when criminals use targeted emails to persuade a specific company employee to forward copies of all the company’s employees’ W-2 forms. This often results in the criminals filing false tax returns, based on the improperly forwarded W-2 information, to claim refunds. The second category, fraudulent instruction, occurs when a fraudster impersonates a trusted party, such as a company executive or a payment system vendor, to cause a fraudulent payment, often a wire transfer, to be made into the fraudster’s account.
In the first three quarters of 2016, social engineering attacks accounted for only 1% of the incidents handled by Beazley Breach Response (BBR) Services, Beazley’s dedicated in-house team that helps clients manage data breaches. This soared to 9% of the 2,013 incidents reported to BBR Services in Q1-Q3 2017.
Professional service firms had the highest percentage of social engineering breaches followed by financial institutions and higher education institutions.
Social engineering breaches by industry sector reported to Beazley Q1-Q3 2017
Professional service firms 18%
Financial institutions 9%
Higher education 9%
Healthcare organizations 3%
Hacking and malware remained the most prevalent cause of data breach during the first nine months of 2017 at 34% of the total reported to Beazley. Hacking and malware includes cyber extortion which accounted for 30% of these attacks. Unintended disclosure remained a major cause of breaches, despite having dipped slightly from 35% in Q1 2017 to 29% for the first nine months of 2017.
Katherine Keefe, global head of BBR services, said: “Social engineering can be quicker, easier and cheaper to implement for cybercriminals than stealing data and can be much more lucrative. As a leading data breach insurer, Beazley is concerned at the rapid development of this trend. We are urging our clients to implement tighter security and internal process controls, such as a requirement for dual authorization, and ensure that their employees are fully trained to spot potential attacks in order to reduce the chances of this happening.”
Raf Sanchez, international breach response service manager at Beazley, noted that trends seen in the US are also playing out in the UK and continental Europe. “Phishing and social engineering continue to be the main sources of attack, with higher education establishments and the public sector, which often hold the most sensitive and therefore the most valuable data, particularly affected”, he said.
Healthcare – unintended disclosure losses unabated
At 41% of the total number of breaches reported to Beazley by organizations in the healthcare sector, the high level of unintended disclosure is unabated and remains more than double that of the second most frequent cause of loss, hacking or malware (19%). Beazley also noted an upturn in the number of data breaches caused by insiders, up from 12% of the total in 2016 to 15% in 2017.
Higher Education - mailbox vulnerabilities exposed
Phishing remains a prevalent cause of data breach for institutions in the higher education sector. Higher education incidents so far this year have involved one specific type of phishing scheme targeting employee direct deposit instructions. Attackers gain access to an employee’s email inbox through phishing, determine the type of payroll/HR system that the institution uses, request a password reset for the employee’s login to that system, and divert the electronic deposit of the employee’s paycheck.
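The payroll-diversion chain described above leaves a correlatable trace in the payroll/HR system’s audit log. The following Python sketch is an added example, not code from Beazley or the report, run over constructed sample events (the event fields and action names are assumptions): it flags direct-deposit changes that follow a password reset closely or that come from an address the employee has never logged in from.

```python
from datetime import datetime, timedelta

# Constructed sample payroll/HR audit events (not real data). Each event is
# (timestamp, user, action, source_ip); action names are assumed for this example.
EVENTS = [
    ("2017-09-01T09:00:00", "asmith", "login", "10.0.5.20"),
    ("2017-09-14T22:11:00", "asmith", "password_reset", "198.51.100.7"),
    ("2017-09-14T22:18:00", "asmith", "direct_deposit_change", "198.51.100.7"),
    ("2017-09-10T08:30:00", "bjones", "login", "10.0.5.31"),
    ("2017-09-12T08:40:00", "bjones", "password_reset", "10.0.5.31"),
    ("2017-09-25T09:05:00", "bjones", "direct_deposit_change", "10.0.5.31"),
    ("2017-09-20T10:00:00", "clee", "direct_deposit_change", "10.0.5.44"),
]

def parse(ts):
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%S")

def flag_payroll_diversion(events, window=timedelta(days=3)):
    """Return {user: [reasons]} for direct-deposit changes that look like a
    mailbox-compromise payroll diversion: a change within `window` of a
    password reset, and/or a change from an IP the user has never logged in
    from (login history is the baseline; a user with no logins gets no baseline)."""
    events = sorted(events, key=lambda e: e[0])
    login_ips, last_reset, flagged = {}, {}, {}
    for ts, user, action, ip in events:
        when = parse(ts)
        if action == "login":
            login_ips.setdefault(user, set()).add(ip)
        elif action == "password_reset":
            last_reset[user] = when
        elif action == "direct_deposit_change":
            reasons = []
            reset = last_reset.get(user)
            if reset is not None and when - reset <= window:
                reasons.append("change within %d days of password reset" % window.days)
            baseline = login_ips.get(user, set())
            if baseline and ip not in baseline:
                reasons.append("change from previously unseen IP %s" % ip)
            if reasons:
                flagged[user] = reasons
    return flagged

if __name__ == "__main__":
    for user, reasons in flag_payroll_diversion(EVENTS).items():
        print(user, "->", "; ".join(reasons))
```

A flagged change is a natural trigger for an out-of-band confirmation with the employee before the next payroll run, which is the control that defeats the diversion regardless of how the mailbox was compromised.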
Professional Services – social engineering the fastest growing cause of breach
For professional services organizations the highest percentage cause of breaches in Q1-Q3 2017 was hacking and malware at 48%. However, social engineering has emerged as a worrying trend, accounting for 18% of all breaches reported to Beazley by firms operating in this sector, and almost double that recorded for financial institutions and higher education establishments.
Financial Institutions – hacking and malware on the rise
Hacking and malware attacks as a proportion of the total number of data breaches reported to Beazley by financial institution clients rose to 46% in the first nine months of 2017, up from 40% in the same period of 2016. Consistent with the overall findings of Beazley’s Breach Insights report for the third quarter of 2017, social engineering emerged as the fastest growing trend, representing 9% of all breaches.