Hackers are employing cyberespionage more than ever against key verticals, according to Verizon.

The company released its Data Breach Investigations Report Thursday, which shows that cyberespionage is the most common attack against manufacturing, education and the public sector.

The report analyzed 42,068 incidents and 1,935 breaches globally, and 300 of those breaches begin with espionage.

Suzanne Widup, senior consultant of network and information security for the Verizon RISK team, says this spying typically begins with social action in the form of email phishing.

“And then they drop malware on the foothold they’ve gained,” Widup told Channel Partners. “That gets the more information about the network. It gets them places to go in the network. It gets them where all of the interesting data is.”{ad}

The study found that email phishers commonly attack the manufacturing industry.

Another major trend from the study is ransomware, which increased by 50 percent over last year. It jumped from the 22nd most popular form of malware to the 5th.

The vast majority of breaches – 81 percent – came from stolen or easily guessable passwords. That’s a sign of what Widup calls a lack of basic security hygiene. Verizon recommends two-factor authentication and a “need to know” basis for data.

“When these kinds of attackers are trying to get credentials, they will either try and break the credentials themselves, try and steal them from your employees, or they may reuse credentials that have been broken by other breaches,” she said.

She says end users need to be on the same page with their solution providers so that both parties know who is responsible for what.

“If you do have these partners that you’ve outsourced certain functions of your business to – your core competency is probably not what they do – it’s very important to make sure your contracts reflect the risks you’re taking on, because you not only have your security risks; you have your vendor’s security risks when you outsource a piece of your infrastructure,” she said.

The report also shows the vulnerability of SMBs. The majority (61 percent) of the victims had fewer than 1,000 employees. Cyberespionage and ransomware are by no means reserved for enterprises. Widup says an attack could even happen on a business that does not own intellectual property or even customer data.

“Even if you have employee data, it’s data that somebody wants, and they will go after it whether you think you’re too small to be noticed or not,” she said. “There’s really no such thing as flying under the radar anymore.”

We compiled a list of real-life data breach scenarios that have rocked businesses.