In its latest Data Breach Investigations Report (DBIR), Verizon analyzed 10,626 confirmed breaches—twice the number from last year’s report—revealing a concerning trend. Vulnerability exploitation surged by 180%, driven largely by high-profile campaigns like the MoveIt Transfer attack, led by the Clop ransomware group. This attack compromised over 2,000 organizations globally, using zero-day vulnerabilities to execute breaches without the need for data encryption.
Clop’s strategy highlights a growing shift in cybercrime. Instead of encrypting data, many ransomware gangs are moving towards extortion-only attacks, where stolen data is used to blackmail organizations. According to David Hylender, senior principal of threat intelligence at Verizon, these methods have become highly lucrative, and he expects similar attacks to rise in the future.
Though ransomware attacks saw a slight decrease in traditional encryption-based breaches, data extortion attacks increased, with 32% of breaches involving ransomware or extortion-related incidents. Verizon’s report warns vendors of managed file transfer products to rigorously check their systems for vulnerabilities, predicting that zero-day exploits will continue to be a key threat vector.
Social Engineering: A Persistent Threat
Beyond ransomware, the report highlights the critical role human error plays in breaches. A staggering 68% of breaches involved a human element, including stolen credentials, social engineering attacks, or simple mistakes. Phishing attacks remain a top tactic, with the median time for a phishing victim to click a malicious link being less than 60 seconds. Pretexting, a form of social engineering commonly tied to business email compromise (BEC), was present in over 40% of these incidents.
Despite these threats, there are promising signs. Verizon noted an increase in phishing awareness, with more than 20% of users identifying and reporting phishing attempts—up from previous years. This suggests that training programs are starting to pay off, although attackers are also evolving rapidly.
The Arms Race Between Cyber Defenders and Attackers
Verizon’s DBIR paints a picture of an escalating arms race between cybercriminals and defenders. Attackers are diversifying their methods, blending ransomware, extortion, and social engineering techniques to exploit new vulnerabilities. As Hylender points out, defenders must also adapt, becoming more selective about their security vendors and ensuring those vendors prioritize robust internal security practices.
This year’s DBIR is the largest in the report’s history, due in part to the scale of the MoveIt Transfer attacks. However, Verizon researchers believe the data represents just the “tip of the iceberg.” Suzanne Widup, distinguished engineer of threat intelligence at Verizon, noted that many breaches remain undisclosed, especially in countries without strict reporting regulations.
What Lies Ahead for Cybersecurity?
Looking ahead, Verizon’s DBIR offers a clear message: the cybersecurity landscape is becoming more complex, with attackers shifting their tactics to exploit vulnerabilities faster than ever before. For organizations, especially those in industries heavily targeted by ransomware, the focus must be on proactive defense—identifying vulnerabilities before attackers can.
Verizon’s report urges businesses to stay ahead of the curve by selecting security vendors who not only protect against today’s threats but also anticipate tomorrow’s. As cybercriminals continue refining their techniques, the onus is on organizations to remain vigilant and adaptive.
Intech Hawaii: Your Ally Against Ransomware and Cybercriminals
At Intech-Hawaii, we’ve provided engaging cybersecurity training and phishing simulations for our clients. Our modules, which include fun videos and even games, let employees learn at their own pace—proving that cybersecurity doesn’t have to be boring. Clients love how these trainings not only enhance workplace security but also equip employees with skills useful in their personal lives. Want to boost your team’s cybersecurity awareness? Contact us at or give us a call at 808-596-9500, and we’ll help find the right solution for your business!
