Every year about this time, Verizon comes out with an annual review of the results of its investigations into thousands of data breaches and security incidents from around the world.
The report can be very data heavy and even a little depressing, but we can learn great things from it. Here are just ten:
1. According to the report, 92% of the more than 100,000 security incidents and breaches analyzed by Verizon over the last decade share some or all of the following nine characteristics:
2. 63,000 security incidents and breaches were investigated as part of the report, making it one of the most comprehensive and insightful.
3. Out of more than 1,300 data breaches last year, the biggest category (25%) was web applications. That was followed by cyber espionage (22%) and Point-of-Sale attacks (14%).
4. Out of the 198 Point-of-Sale attacks investigated by Verizon last year, all resulted in sensitive data being exposed. According to the report “A resurgence of RAM scraping malware is the most prominent tactical development in 2013,” the same tactic used in the giant Target breach.
5. Out of nearly 4,000 web app exploits investigated, more than 10% involved the exposure of data. According to the report “Web applications remain the proverbial punching bag of the Internet. They’re beaten in one of two ways: by exploiting a weakness in the application (typically inadequate input validation), or by using stolen credentials to impersonate a valid user. Many of the attacks in our 2013 dataset targeted off-the-shelf content management systems (e.g., Joomla!, WordPress, or Drupal) to gain control of servers for use in DDoS campaigns.”
6. One out of every three web app attacks were financially motivated, the rest blamed on hactivists (like Lulz and Anonymous) and espionage.
7. The top targets for web app attacks were the information sector, utilities, manufacturing, and retail.
8. The three most common forms of attack on web apps were phishing (to lure users into revealing their passwords), brute force attacks to crack passwords, and SQL injections.
9. Out of 130 incidents of payment card skimming investigated, all 130 resulted in sensitive data being exposed. The top two targets were the financial sector and retail.
10. Cyber espionage showed some of the most worrying growth, with the U.S. accounting for the biggest number of incidents by far – 54% of incidents compared to the next highest which was South Korea at just 6%. State-sponsored cyber espionage accounted for nearly 90% of the attacks, with just 11% attributed to criminals.
So what’s the takeaway from this year’s report? There are lots, but basically (a) you can never afford to let your guard down, (b) crooks have no end of exploits and attack vectors to choose from, and (c) all signs are that things are only going to get worse. Keep those shields up by calling SiteLock at 855.378.6200.
Google Author: Neal O’Farrell