Here’s the report everybody’s been waiting a full year for. Well, maybe not everybody. But if you’re charged with security for your company’s enterprise, Verizon’s latest 2013 Data Breach Investigations Report (DBIR) covering 2012 is must reading. It’s also easy reading.
“Motives for these attacks appear equally diverse. Money-minded miscreants continued to cash in on low-hanging fruit from any tree within reach. Bolder bandits took aim at better-defended targets in hopes of bigger hauls. Activist groups DoS’d and hacked under the very different—and sometimes blurred—banners of personal ideology and just-for-the-fun-of-it lulz. And, as a growing list of victims shared their stories, clandestine activity attributed to state-affiliated actors stirred international intrigue.” As we said, easy reading.
The report was put together by the Verizon RISK Team in cooperation with a host of companies and agencies from U.S. Homeland Security and the Danish Defence Intelligence Service to Carnegie Mellon’s Software Engineering Institute and Deloitte and literally covers the globe.
Two types of cyberrotters were responsible for the vast majority of breaches. Seventy-five percent were driven by greed or as the report put it “financially motivated cybercrime” while twenty percent were “state-affiliated espionage campaigns” defined as “cyberthreats aimed at stealing intellectual property-such as classified information, trade secrets and technical resources to further national and economic interests.”
Following are some of the report’s high points though low points might be a more apt description:
- Cybercrime victims in 2012 represented a wide range of industries from financial organizations (37 percent) to retailers and restaurants (24 percent).
- 20 percent of network intrusion cases covered in the report involved the manufacturing, transportation and utilities industries, with the same percentage affecting information and professional services firms.
- Hacking was the number one way breaches occurred-factoring in 52 percent of data breaches; while 76 percent of network intrusions exploited weak or stolen credentials such as usernames and passwords. 40 percent incorporated malware tactics and 35 percent involved physical attacks, such as ATM skimming.
Additionally, phishing factored in 20 percent of cases in the report.
- Breaches continue to go undiscovered for months or even, years. And in 69 percent of cases, third parties are the ones who detect a data breach.