Europe, Middle East and Africa (EMEA)

The information provided will be used in accordance with our terms set out in our Privacy Notice. Please confirm you have read and understood this Notice.

By submitting the form, you are agreeing to receive insights, reports and other information from Verizon and affiliated companies in accordance with our Privacy Policy. California residents can view our California Privacy Notice.

Verizon may wish to contact you in the future concerning its products and/or services. If you would like to receive these communications from Verizon, indicate by selecting from the dropdown menu below. Please note that you can unsubscribe or update your preferences at any time.

Indicates a required field. The content access link will be emailed to you.

View only

Thank You.

Gracias.

You will soon receive an email with a link to confirm your access. When you click to confirm from your email, your document will be available for download.

If you do not receive an email within 2 hours, please check your spam folder.

Gracias.

You may now close this message and continue to your article.

  • Resumen

    EMEA continues to be beset by Basic Web Application Attacks, System Intrusion, and Social Engineering.


    Frequency

    5,379 incidents, 293 with confirmed data disclosure


    Top Patterns

    Basic Web Application Attacks, System Intrusion, and Social Engineering patterns represent 83% of breaches


    Threat Actors

    External (83%), Internal (18%) (breaches)


    Actor Motives

    Financial (89%), Espionage (8%), Fun (1%), Grudge (1%) (breaches)


    Data compromised

    Credentials (70%), Internal (52%), Personal (22%), Other (16%) (breaches)


  • For the second year in a row, Basic Web Application Attacks are the most commonly seen pattern in this region, accounting for approximately 54% of breaches

  • EMEA is made up of Europe, the Middle East and Africa. For the second year in a row, Basic Web Application Attacks are the most commonly seen pattern in this region, accounting for approximately 54% of breaches. 

    Sometimes these attacks are aimed at obtaining the data within the application itself, but in other cases it is simply a means to an end in order to perpetrate other forms of badness.

    The System Intrusion, Social Engineering and Miscellaneous Errors patterns are all closely grouped for second place in this region (Figure 130). By far the most often breached data type in EMEA is Credentials, and this goes some way toward explaining the placement of the patterns. While in many cases we know that stolen Credentials were used, we do not always have visibility into how they were initially acquired. However, we do know that Social Engineering in the form of Phishing is very often the means attackers use to obtain them.

    Regardless of how they originally got their grubby little hands on them, using stolen Credentials is the primary means by which the actor hacks into the organization, and in many cases, it is via a Web application.

    Finally, 17% of actors in EMEA are Internal (most often system administrators), which explains the presence of Miscellaneous Errors in the top four patterns. In the majority of cases (67%), these are unintentional Misconfiguration errors.

Let's get started.