Verizon 2025 Report Alarming Rise in Cyberattacks Via Third-Parties

Verizon Business recently released its 2025 Data Breach Investigations Report (DBIR), revealing a disturbing trend in the cybersecurity landscape: third-party involvement in data breaches has doubled to 30% over the past year, creating unprecedented challenges for organizations worldwide.

This significant shift indicates cybercriminals are increasingly targeting supply chain vulnerabilities to compromise multiple victims through a single point of entry, maximizing their impact while minimizing their effort.

The comprehensive analysis, which examined over 22,000 security incidents including 12,195 confirmed data breaches, found that exploitation of vulnerabilities as an initial attack vector grew by an alarming 34%, now accounting for 20% of all breaches.

This tactical shift demonstrates attackers’ growing sophistication in identifying and leveraging security gaps before organizations can implement patches or mitigations.

Verizon analysts identified a concerning pattern wherein threat actors are leveraging credential abuse (22%) alongside vulnerability exploitation to create multi-stage attack chains that are increasingly difficult to detect and mitigate.

The researchers noted that these combined approaches allow malicious actors to establish persistent access while appearing as legitimate users within compromised networks, often remaining undetected for extended periods.

The human element continues to play a significant role in successful breaches, with social engineering tactics frequently serving as the initial compromise vector.

These attacks typically leverage sophisticated phishing campaigns that target specific employees with access to critical systems, demonstrating the attackers’ patient reconnaissance and strategic planning capabilities.

Despite increased awareness and security investments, small and medium-sized businesses (SMBs) remain disproportionately impacted, with ransomware present in 88% of breaches affecting these organizations.

With the median ransom payment reaching $115,000, these attacks pose an existential threat to many smaller enterprises lacking robust security infrastructure.

Vulnerability Exploitation Techniques

The exploitation techniques observed in the third-party attacks demonstrate sophisticated reconnaissance and execution.

Attackers typically begin by scanning partner networks for unpatched systems, focusing particularly on internet-facing applications and services.

Once identified, these vulnerabilities become the initial foothold for more extensive network penetration.

A typical attack sequence involves initial scanning, vulnerability identification, exploitation, lateral movement, and data exfiltration.

In the most concerning cases, attackers leverage zero-day vulnerabilities which have no available patches.

This exploitation pattern allows threat actors to maintain persistence for an average of 187 days before detection, according to the report’s findings.

The attack methodology frequently employs specially crafted HTTP requests designed to trigger buffer overflow conditions in vulnerable web applications.

These requests typically contain malformed parameters that exploit memory management weaknesses, allowing for arbitrary code execution on the target system.

Once executed, this code establishes a connection to command-and-control infrastructure, typically using encrypted communications to evade detection.

“The proliferation of third-party integrations in modern business environments has created an expanded attack surface that many organizations fail to properly secure or monitor,” explained Chris Novak, Vice President of Global Cybersecurity Solutions at Verizon Business.

“Each external connection represents a potential entry point that bypasses traditional perimeter defenses”.

The report emphasizes that organizations must implement comprehensive third-party risk management programs, including vendor security assessments, continuous monitoring, and zero-trust security models to mitigate these evolving threats.

With supply chain attacks continuing to rise, the traditional security perimeter has effectively dissolved, requiring a fundamental shift in how organizations approach cybersecurity strategy and implementation.

The Verizon 2025 DBIR serves as a critical warning for organizations of all sizes to reevaluate their third-party security postures.

As threat actors continue to evolve their tactics, focusing increasingly on supply chain vulnerabilities, companies must adopt multi-layered defense strategies that address both technical vulnerabilities and human factors.

With ransomware and data theft continuing to pose significant threats, the report underscores the importance of comprehensive security programs that include regular vulnerability assessments, prompt patching, employee training, and improved visibility into third-party connections.

Only through such holistic approaches can organizations hope to navigate the increasingly perilous cybersecurity landscape revealed in this year’s report.

Malware Trends Report Based on 15000 SOC Teams Incidents, Q1 2025 out!-> Get Your Free Copy

The post Verizon 2025 Report Alarming Rise in Cyberattacks Via Third-Parties appeared first on Cyber Security News.