Kelly Shortridge's post about the DBIR is great <a href="https://kellyshortridge.com/blog/posts/shortridge-makes-sense-of-verizon-dbir-2024/" rel="nofollow">https://kellyshortridge.com/blog/posts/shortridge-makes-sens...</a>
Direct link - <a href="https://www.verizon.com/business/resources/T5d2/reports/2024-dbir-data-breach-investigations-report.pdf" rel="nofollow">https://www.verizon.com/business/resources/T5d2/reports/2024...</a><p>From the title, it seemed that Verizon had published a postmortem of a recent data breach incident they had
Official release, other links:<p><a href="https://www.verizon.com/about/news/2024-data-breach-investigations-report-vulnerability-exploitation-boom" rel="nofollow">https://www.verizon.com/about/news/2024-data-breach-investig...</a>
What is up with the glib tone featured throughout this document? To cite a few examples (there are many more):<p>Page 11: "Hello, friends, and welcome to the “Results and analysis” section."<p>Page 15: "Hey, you, don’t skip this section this year! We know we keep repeating, “It’s always external criminals wanting your money” alongside dated pop culture references, but we have some interesting data points to discuss this year. Does this mean External actors are not the most prevalent? No, of course they are, silly. But since we got your attention, please read on."<p>Page 37: "In the cybersecurity world, or “the cyber biz,” as we call it, we certainly love our catchy terminology. Terms such as whaling, smishing, quishing, tishing, vishing, wishing, pharming, snowshoeing and plain old phishing are ever-present in the Social Engineering pattern. This makes sense because there are a lot of vectors on which we need to educate our employees and end users, and we’re positive that in another five years, there will be new ones that we will have to add to our list."
This is actually a really solid high-level report. Very well-written. Frankly, it blows my mind that it was made by a company with such infuriatingly asinine, incompetent, and ineffective support processes. I'll bet a non-zero quantity of hiring managers that have been burned by Verizon's support have subconsciously passed over talented candidates coming from there.
Breaches by attackers will continue until it becomes prohibitively expensive or dangerous for the attackers to do what they do. This isn't something companies can do; it takes a government to do that.<p>Until then, it's a great way to squeeze crypto out of some company to make up for the fact that your country is under sanctions tied to the US dollar. And since it's hard to prove to the bean counters, with reasonable certainty, that an attack will happen on a given system in the next quarter, good luck getting resources and priority for mitigations beyond the usual.