Verizon recently published its 2020 Data Breach Investigations Report (DBIR), which analyzed 32,002 security incidents across 16 industries and four world regions. As in last year's report, the majority of breaches (86 percent) were financially motivated, and most (70 percent) were caused by outsiders. Credential theft, social attacks (phishing and business email compromise), and errors still account for the majority of breaches. As the DBIR puts it, “These tactics prove effective for attackers, so they return to them time and again.”
Alongside the similarities to last year's DBIR, there are notable differences. The most important is that web applications were involved in 43 percent of breaches, more than double last year's share, and stolen credentials were used in more than 80 percent of those breaches.
The DBIR attributes the rise in web application breaches to more organizations moving their workflows to the cloud, which puts the web application itself on the exposed attack surface. With the pandemic pushing more businesses through digital transformation, the number of web application breaches will likely keep increasing.
“As remote working surges in the face of the global pandemic, end-to-end security from the cloud to employee laptop becomes paramount,” said Tami Erwin, CEO, Verizon Business.
Web application threats were prevalent across all 16 industries, but especially in retail, where e-commerce applications remain a major target, a trend carried over from 2019. Retailers should invest in a comprehensive application security (AppSec) program and scan their applications frequently.
Our recent State of Software Security (SOSS) report found that in retail, 40 percent of applications are scanned only once a year. Scanning more often would let retailers find and remediate more flaws and pay down security debt. The same analysis found two OWASP Top 10 categories that should be on retail's radar: Code Injection and Credentials Management. A higher share of retail findings fall into these categories than in other industries, which is not surprising: e-commerce applications must authenticate large numbers of customers and accept untrusted input (search terms, checkout and account forms), so they have more places for both kinds of flaw to appear. Again, more frequent scanning is the way to catch them before an attacker does.
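To make the two retail flaw categories concrete, here is an added example (written for this page, not code from the DBIR, the SOSS report, or any retailer) showing what a scanner would flag and what the fixed version looks like. The product catalogue, the user names and the passwords are constructed sample data; `search_products_unsafe`, `search_products_safe`, `hash_password`, `verify_password` and `load_secret` are illustrative names chosen here, not an API from the page.

```python
"""Added example: Code Injection and Credentials Management in a small
e-commerce-style Python module (standard library only)."""
import hashlib
import hmac
import os
import sqlite3
from typing import List, Optional, Tuple

# --- Constructed sample catalogue (not real data) ------------------------
SAMPLE_PRODUCTS: List[Tuple[int, str, float]] = [
    (1, "running shoes", 89.99),
    (2, "rain jacket", 129.00),
    (3, "wool socks", 14.50),
]


def make_catalogue() -> sqlite3.Connection:
    """Build an in-memory SQLite catalogue so the example runs offline."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE products (id INTEGER PRIMARY KEY, name TEXT, price REAL)"
    )
    conn.executemany("INSERT INTO products VALUES (?, ?, ?)", SAMPLE_PRODUCTS)
    conn.commit()
    return conn


# --- Category 1: Code Injection (here, SQL injection in product search) --
def search_products_unsafe(conn: sqlite3.Connection, term: str) -> list:
    """VULNERABLE: the search term is concatenated into the SQL text, so a
    term such as  x' OR 1=1 --  rewrites the WHERE clause and dumps every row."""
    sql = "SELECT id, name, price FROM products WHERE name LIKE '%" + term + "%'"
    return conn.execute(sql).fetchall()


def search_products_safe(conn: sqlite3.Connection, term: str) -> list:
    """FIXED: a bound parameter keeps the term as data; the same payload is
    just a string that matches no product name."""
    sql = "SELECT id, name, price FROM products WHERE name LIKE ?"
    return conn.execute(sql, ("%" + term + "%",)).fetchall()


# --- Category 2: Credentials Management ----------------------------------
# Flaw A: storing customer passwords in plaintext (or reversible form).
# Fix: salted, iterated PBKDF2-HMAC-SHA256 and a constant-time comparison.
# OWASP's password storage guidance currently suggests 600,000 iterations
# for PBKDF2-HMAC-SHA256; the figure is an assumption of this example.
PBKDF2_ROUNDS = 600_000


def hash_password(password: str, salt: Optional[bytes] = None) -> str:
    """Return a self-describing hash string: algo$rounds$salt_hex$digest_hex."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return f"pbkdf2_sha256${PBKDF2_ROUNDS}${salt.hex()}${digest.hex()}"


def verify_password(stored: str, candidate: str) -> bool:
    """Recompute the digest with the stored salt/rounds and compare in
    constant time, so a wrong guess leaks no timing information."""
    try:
        algo, rounds, salt_hex, digest_hex = stored.split("$")
    except ValueError:
        return False
    if algo != "pbkdf2_sha256":
        return False
    digest = hashlib.pbkdf2_hmac(
        "sha256", candidate.encode(), bytes.fromhex(salt_hex), int(rounds)
    )
    return hmac.compare_digest(digest.hex(), digest_hex)


# Flaw B: a hard-coded service credential such as  DB_PASSWORD = "changeme".
# Fix: pull secrets from the environment (or a vault) and fail closed.
def load_secret(name: str) -> str:
    """Read a secret from the environment; refuse to start with an empty or
    placeholder value instead of silently falling back to a default."""
    value = os.environ.get(name, "")
    if not value or value.lower() in {"changeme", "password", "secret"}:
        raise RuntimeError(f"secret {name} is missing or a placeholder")
    return value


if __name__ == "__main__":
    conn = make_catalogue()
    payload = "x' OR 1=1 --"
    print("unsafe rows:", len(search_products_unsafe(conn, payload)))  # 3
    print("safe rows:  ", len(search_products_safe(conn, payload)))    # 0
    stored = hash_password("correct horse battery staple")
    print("verify ok:  ", verify_password(stored, "correct horse battery staple"))
```

Running the module shows the injection payload returning the whole catalogue through the concatenated query and nothing through the parameterized one; the same contrast is what a static scanner reports when it flags string-built SQL. The credential helpers show the fixed pattern only, since the plaintext and hard-coded variants are one-liners a scanner would flag on sight.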
To learn more about protecting web applications, check out our AppSec products and services.