It’s hard to talk about data breaches without mentioning Verizon’s popular Data Breach Investigations Report (DBIR). Now in its sixth year, the newest iteration of the DBIR, which was released this week, finds that the vast majority (75 percent) of breaches are driven by a hope for financial gain.
As the current headlines suggest, state-affiliated espionage campaigns took the second place spot, being the motivator in one out of five attacks. The report said:
Money-minded miscreants continued to cash in on low-hanging fruit from any tree within reach. Bolder bandits took aim at better-defended targets in hopes of bigger hauls. Activist groups DoS’d and hacked under the very different — and sometimes blurred — banners of personal ideology and just-for-the-fun-of-it lulz.
The DBIR report, which is freely available for download, includes data from 19 global security organizations with an analysis of more 47,000 security incidents and 621 confirmed breaches.
Some of the news was particularly bad for small and midsized organizations. SMBs accounted for most of the breaches, accounting for 62 percent of 2012 events. “Large organizations may do better because they have expertise on how to layer defenses properly,” said Roger Thompson, chief emerging threat officer at malware reseacher ICSA Labs told IFSEC Global. “I suspect that the smaller organizations are largely still trying to rely on antivirus alone.”
At least some of the findings of the DBIR were not surprising at all. For example, financial organizations were the favorite victims of breaches, accounting for more than one third of incidences. Retail environments and restaurants, meanwhile, accounted for another one quarter of data losses. Meanwhile, 20 percent of network intrusions involved manufacturing, transportation, and utility companies and another 20 percent are aimed at information and professional organizations.
“The bottom line is that unfortunately, no organization is immune to a data breach in this day and age,” said Wade Baker, principal author of the Data Breach Investigations Report series in a press release. “We have the tools today to combat cybercrime, but it’s really all about selecting the right ones and using them in the right way.
Intruders rely on a variety of activities to achieve their objectives. Although malware and hacking remain primary approaches, the survey indicated that the use of these tried-and-true techniques is actually down. The top five attack approaches included:
- Gaining access to the network through weak/stolen credentials (76 percent)
- Hacking (52 percent)
- Malware (40 percent)
- Physical attacks (35 percent)
- Social engineering (29 percent)
Some industry watchers say that perhaps due to the increasing sophistication of malware, organizations may be underestimating the role that it plays in data breaches. “If the attack is going to have a lasting imprint, there has to be malware involved,” said ICSA’s Thompson. “I believe the malware component must be higher than 40 percent.”
Verizon suggests a number of best-practices to minimize data breaches. Organizations should:
- Keep only necessary data and work to keep tabs on it.
- Implement data controls and regularly audit them.
- Collect, analyze, and share incident data and tactical threat intelligence to help drive security program effectiveness.
- Work to implement training, processes, and technology that allow early detection of breaches.
- Regularly measure network parameters (such as the number of compromised systems and mean time to detection) that can drive better security practices.
- Avoid a one-size-fits-all approach and evaluate the threat landscape based on your particularly business and industry.
Do you have a story about a data breach that occurred in your organization? Or something to say about the best ways to avoid a data disaster? Let us know in the comments.
Free Download: The Video Surveillance Report 2023
Discover the latest developments in the rapidly-evolving video surveillance sector by downloading the 2023 Video Surveillance Report. Over 500 responses to our survey, which come from integrators to consultants and heads of security, inform our analysis of the latest trends including AI, the state of the video surveillance market, uptake of the cloud, and the wider economic and geopolitical events impacting the sector!
Download for FREE to discover top industry insight around the latest innovations in video surveillance systems.
Hacking is a risk-free crime in most cases – no presence at the crime scene is required. One can steal data such as customer lists, financial reports or banking information and use it with impunity. Often, the burgled organization doesn’t even know they’ve been hit. The same goes with espionage – sensitive data can be stolen leaving no tracks for the victim to follow. Other attacks, such as DOS, will leave the victim impotent to respond. We have become so dependent on the internet that we have left ourselves vulnerable to all kinds of problems. Until security catches up with the hackers, this… Read more »
I read an interesting study that said that most oganizations find out about a breach from a business partner. Talk about losing face! Today’s malware is very sneaky and often goes unspotted for months. On the bright side, i do see more industry cooperation in catching cyber criminals. In additon, often there is international cooperation to bring down cybercriminals. One great example was the Grum botnet being brought down last summer. it was repsonsible for about 18 percent of spam worldwide…so you saw the difference when it was shut down. I’ve also seen some hackers arrested. The FBI, for example,… Read more »
@ Hailey
I think we are making great strides in finding ways to identify cybercriminals. The better they are at what they do, the harder they are to track.
@Stacy, it certainly is a game of leap frog. They get better, we get better, then they up their game…and we run to catch up. Hopefully soon we can catch the lead and keep it.
@ Hailey
At the rate our technology improves, eventually we might catch the lead. =)
@Stephen Spiegel – I totally agree to what you say “Hacking is a risk-free crime in most cases – no presence at the crime scene is required.” This is why there are many hackers in this world; they try to be invisible or untraceable. They use multiple proxy’s to make it difficult to trace.
@Stephen Spiegel – I feel that data is now more precious than money, that’s the reason why everybody is behind your data (including your competitors) Customer information, financial information, marketing information etc.
@Hailey – Thanks for sharing the crime scene, it’s always good to be updated as you never know when your business might face such problems. I think businesses should make sure their employees are aware of these incidents, just to be on the safe side.
@STACEY ESTEY – Cyber criminals always try to creep into the system and take the data without being caught, they use random IPs to log in so that they are like ghosts on the network. Sometimes they look for a free IP and access files as if it’s an internal user.
@ Shehan
The resourcefulness of criminals (or cybercriminals) always amazes me. Imagine if they put their talents into something good……
@Shehan Ahamed, it’s a constantly shifting landscape too. Increasingly, SMBs are being targetted, because small businesses can have big potential for criminals who want to gather intellectual property, customer information and the like.
@STACEY ESTEY Since it is morally wrong and illegal for anyone to own up as cyber criminal it extremely difficult to understand their next line of action in order to have measures to combat their operations. If we can have international laws for cyber attack. it will be the stating step for mitigating against cyber attack , but I dont see how that can be enforced
But generally, criminals are only looking for financial data. It’s relatively easy to find as well as credit card numbers have a pretty clearly defined pattern and size. An algorithm to scrape for those is about the most straightforward thing a hacker can do.
@George Brown
I agree it is extremely difficult to enforce cybercrime laws, and the crossing of international lines simply compounds this difficulty. The better we get at stopping cybercrime, the better the cyber-criminals will get…
@ Rob
That is pretty scary, that the easiest information for a hacker to get is our financial information. It makes one wonder how secure is it, really to be paying bills and making purchases online. I don’t even like to let a waiter walk away from my table with my credit card to process my bill…you never know, it only takes a few seconds to copy the necessary information from my card to wreak havoc on my finances.
shehan I think whatever the hackers do they will finally be caught as now everything is traceable. The trace might take time but it will finally be there. I think people should at least be concerned about protecting their data. Threy need to be educated to stop hackers to go on a shopping spree.
could not agree more this day you have no choice as even basic IT security knowledge is a must for regular consumer…
@Shehrbano Kamran – Auditing is not always available. With the expansion of ‘Bring Your Own Device’ comes also ‘Bring Your Own Risk’ as each and every employee who makes use of the policy then effectively extends their own personal home networks as an uncontrolled and far too often unsecured extension of your corporate networks. Frequently, data is removed from safe, commercial network environments and placed instead in unsecured home networks where access is too frequently a free for all. Awareness and education is key here and corporate ‘data owners’ should consider provision of both a more secure cloud storage solution… Read more »
Joe correct. Cybercrime is a full fledge science now. Different ways and means are now and then came into existance that knowledge of which is very difficult. I think if everybody at least toke care of jis own data and give it max security I think this data breach can be reduced but removed is a difficult thing to do.
Joe in my opinion BYOD instead of securing the data it has increased its vulnerability as access points are increased from safe to very casually maintained home or job points. I think data can be more secure ata single access point where its security can be easier then other options.
@ Sheh – Agreed.
The reality is that convenience will overtake policy every time. If a worker finds it more convenient then they will find a way around any security policy to access their documents on demand. Don’t fight against this desire, instead embrace it and find a way of providing it yourself so as to retain control and deploy risk mitigation techniqques and monitoring.
If they have it on demand then they won’t look to provide it themselves (why spend money when it is available to them easily and freely?).
Joe I think not every thing can be provided on demand. There might be few documents which are more calssified then normal. I think you can provide access do few who on demand can provide the required data to others specially the more important data.