Copyright by Verizon Wireless. All rights reserved by Verizon Business
The “Verizon 2012 Data Breach Investigations Report“ reveals the dramatic rise of “hacktivism” — cyberhacking to advance political and social objectives.
In 2011, 58 percent of data stolen was attributed to hacktivism, according to the annual report released today from Verizon.
The new trend contrasts sharply with the data-breach pattern of past several years, during which the majority of attacks were carried out by cybercriminals, whose primary motivation was financial gain.
Seventy-nine percent of attacks represented in the report were opportunistic. Of all attacks, 96 percent were not highly difficult, meaning they did not require advanced skills or extensive resources.
Additionally, 97 percent of the attacks were avoidable, without the need for organizations to resort to difficult or expensive countermeasures.
The report also contains recommendations that large and small organizations can implement to protect themselves. See: Seven tips for keeping hactivists out of your network.
Now in its fifth year of publication, the report spans 855 data breaches across 174 million stolen records – the second-highest data loss that the Verizon RISK (Research Investigations Solutions Knowledge) team has seen since it began collecting data in 2004.
Five partners joined in the report
Verizon was joined by five partners that contributed data to this year’s report: the United States Secret Service, the Dutch National High Tech Crime Unit, the Australian Federal Police, the Irish Reporting & Information Security Service and the Police Central e-Crime Unit of the London Metropolitan Police.
“With the participation of our law enforcement partners around the globe, the ’2012 Data Breach Investigations Report’ offers what we believe is the most comprehensive look ever into the state of cybersecurity,” said Wade Baker, Verizon’s director of risk intelligence.
Goal: increase awarenss of global cybercrime
“Our goal is to increase the awareness of global cybercrime in an effort to improve the security industry’s ability to fight it while helping government agencies and private sector organizations develop their own tailored security plans.”
The report findings reinforced the international nature of cybercrime. Breaches originated from 36 countries around the globe, an increase from 22 countries the year prior. Nearly 70 percent of breaches originated in Eastern Europe, with less than 25 percent originating in North America.
External attacks remain largely responsible for data breaches, with 98 percent of them attributable to outsiders. This group includes organized crime, activist groups, former employees, lone hackers and even organizations sponsored by foreign governments.
Insider incidents declined
With a rise in external attacks, the proportion of insider incidents declined again in this year’s report, to 4 percent. Business partners were responsible for less than 1 percent of data breaches.
In terms of attack methods, hacking and malware have continued to increase. In fact, hacking was a factor in 81 percent of data breaches and in 99 percent of data lost.
Malware also played a large part in data breaches; it appeared in 69 percent of breaches and 95 percent of compromised records. Hacking and malware are favored by external attackers, as these attack methods allow them to attack multiple victims at the same time from remote locations. Many hacking and malware tools are designed to be easy and simple for criminals to use.
Additionally, the compromise-to-discovery timeline continues to be measured in months and even years, as opposed to hours and days. Finally, third parties continue to detect the majority of breaches (92 percent).
Copyright Verizon Wireless. All Rights Reserved.
Key Findings of the 2012 Report
Data from the 2012 report also demonstrates that:
- Industrial espionage revealed criminal interest in stealing trade secrets and gaining access to intellectual property. This trend, while less frequent, has serious implications for the security of corporate data, especially if it accelerates.
- External attacks increased. Since hacktivism is a factor in more than half of the breaches, attacks are predominantly led by outsiders. Only 4 percent of attacks implicate internal employees.
- Hacking and malware dominate. The use of hacking and malware increased in conjunction with the rise in external attacks in 2011. Hacking appeared in 81 percent of breaches (compared with 50 percent in 2010), and malware appeared in 69 percent (compared with 49 percent in 2010). Hacking and malware offer outsiders an easy way to exploit security flaws and gain access to confidential data.
- Personally identifiable information (PII) has become a jackpot for criminals. PII, which can include a person’s name, contact information and social security number, is increasingly becoming a choice target. In 2011, 95 percent of records lost included personal information, compared with only 1 percent in 2010.
- Compliance does not equal security. While compliance programs, such as the Payment Card Industry Data Security Standard, provide sound steps to increasing security, being PCI compliant does not make an organization immune from attacks
Providing customer service via Twitter, Facebook and other social media is one of the first steps savvy companies take. Studies show that about 84 percednt of company social media use is geared toward providing customer service.
