Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

One in five data breaches are the result of cyberespionage, Verizon says

Lucian Constantin | April 23, 2013
The plans include one for small businesses, with up to 25 lines of shared data, and one aimed at large businesses of any size, with no limit on the number of devices

One noteworthy finding of this report is that all threat actors are targeting valid credentials, Jacobs said. In four out of five breaches, the attackers stole valid credentials to maintain a presence on the victim's network, he said.

This will hopefully start to raise some questions about the widespread reliance on single-factor password-based authentication, Jacobs said. "I think if we switch to two-factor authentication and stop being so reliant on passwords, we might see a decrease in the number of these attacks or at least force the attackers to change" some of their techniques.

Fifty-two percent of data breach incidents involved hacking techniques, 40 percent involved the use of malware, 35 percent the use of physical attacks -- for example ATM skimming -- and 29 percent the use of social tactics like phishing.

The number of breaches that involved phishing was four times higher in 2012 compared to the previous year, which is probably the result of this technique being commonly used in targeted espionage campaigns.

Despite all the attention given to mobile threats during the past year, only a very small number of breaches covered by the Verizon report involved the use of mobile devices.

"For the most part, we are not seeing breaches leverage mobile devices as of yet," Jacobs said. "That's a pretty interesting finding that's kind of counter-intuitive in light of all the headlines saying how insecure mobile devices are. That's not to say they're not vulnerable, but the attackers currently have other easier methods to get the data."

The same holds true for cloud technologies, Jacobs said. While there have been some breaches involving systems that are hosted in the cloud, they were not the result of attacks exploiting cloud technologies, he said. "If your site is vulnerable to SQL injection, it doesn't matter where it's hosted -- in the cloud or locally. The kind of breaches we're seeing would occur regardless of whether the system would be in the cloud or not."

The Verizon report includes a list of 20 critical security controls that should be implemented by companies and which are mapped to the most prevalent threat actions identified in the analyzed dataset. However, the level to which every company should implement each control depends on the industry they're part of and the type of attacks they're likely to be more exposed to.

 

Previous Page  1  2 

Sign up for MIS Asia eNewsletters.