ForgeRock, a global leader in digital identity, announces the results of its 2022 Consumer Identity Breach Report: Cybercriminals are finding new attack vectors across industries and borders.
In addition to data breaches in Germany, ForgeRock's Consumer Identity Breach Report analyzes and describes attacks in other regions, including the US, UK, Australia and Singapore.
Increase in data breaches in Germany
The IT security situation in Germany was tense overall last year. 2021 was marked by attacks on critical and public infrastructures, as well as authorities and supply chains. The number of cases of registered cyber attacks in Germany in 2021 increased by more than 12 percent compared to the previous year. Specifically, phishing attacks increased by 2020 percent from 2021 to 40. As cybercrime has increased, so has the potential damage from ransomware attacks, from around €5,3 billion in 2019 to €24,3 billion in 2021, an increase of more than 350 percent.
Combination of ransomware and data leaks
Attacks with ransomware usually involve the risk of a data leak, which is usually accompanied by the leakage of personal data and a corresponding blackmail. In practice, these two events are becoming increasingly blurred as cybercriminals tend to publish the stolen data from a ransomware attack on DarkNet platforms. This trend is reflected in the number of monthly active data leak sites where stolen data is made available to the public and other attackers for further cyber attacks. The number of such sites has increased by almost 360 percent.
Data Breach Costs
In Germany, as in many other countries, the costs associated with a data breach have increased over the past year, from $4,45 million to $4,89 million. This corresponds to around 4,64 million euros. In the last year, a new record has been set for fines against those companies that have not adhered to compliance guidelines such as the GDPR. Companies worldwide paid around one billion euros due to compliance violations - a significant increase compared to almost 170 million euros in the previous year. Fines of around 50 million euros were imposed in Germany last year.
🔎 Plus 350 percent ransomware: Consumer Identity Breach Report 2022 (Image: ForgeRock).
German data from 2021 clearly shows that the risk of access data being stolen and thus sensitive data being tapped is higher than ever. The increasingly popular combination of ransomware attacks and data leaks on DarkNet sites requires passwordless authentication using mobile authenticators, such as FIDO2 security keys or fingerprint readers.
Vigilance pays off
"IT security teams must remain vigilant as cybercriminals become increasingly brazen to achieve their goals," notes Fran Rosch, CEO of ForgeRock. “Exploits that target people's usernames and passwords to break into organizations are becoming more sophisticated. More than ever, companies need to deploy digital identity and access management solutions that strengthen their IT security without compromising the user experience."
Methodology of the report
ForgeRock created the Consumer Identity Breach Report based on data breaches in the US, UK, Germany, Australia and Singapore. The data comes from various sources such as the Federal Criminal Police Office's (BKA) 2021 cybercrime situation report, the Federal Office for Information Security (BSI)'s situation report on IT security in Germany, evaluations by Forrester Research and the Ponemon Institute and others. ForgeRock collected this data between January 1, 2021 and December 31, 2021.
More at ForgeRock.com
About Forge Rock ForgeRock is a global leader in digital identity, providing modern and comprehensive identity and access management solutions for consumers, employees and things that enable easy and secure access to the connected world. More than 1.300 customer companies worldwide use ForgeRock to manage, administer and secure the entire identity lifecycle.