The newly released Verizon 2011 Data Breach Investigation Report notes that "2011 boasts the second-highest data loss total since we started keeping track in 2004."
The report illustrates the diverse nature con complex mix of motivations that are behind the majority of data loss events.
"We certainly encountered many faces, varied tactics, and diverse motives in the past year, and in many ways, the 2012 Data Breach Investigations Report (DBIR) is a recounting of the many facets of corporate data theft. The online world was rife with the clashing of ideals, taking the form of activism, protests, retaliation, and pranks. While these activities encompassed more than data breaches (e.g., DDoS attacks), the theft of corporate and personal information was certainly a core tactic." the report states.
Hacktivism activity emerged as a leading motivation in major data loss events and exposure of sensitive information in 2011, and the unpredictable nature of the criteria for targeting organizations created a heightened level of uncertainty, according to the report.
"This re-imagined and re-invigorated specter of “hacktivism” rose to haunt organizations around the world. Many, troubled by the shadowy nature of its origins and proclivity to embarrass victims, found this trend more frightening than other threats, whether real or imagined. Doubly concerning for many organizations and executives was that target selection by these groups didn’t follow the logical lines of who has money and/or valuable information. Enemies are even scarier when you can’t predict their behavior," the DBIR states.
Nonetheless, organized cyber crime activity remains a priority threat to the security of sensitive information, according to the Verizon report.
"Mainline cybercriminals continued to automate and streamline their method du jour of high-volume, low-risk attacks against weaker targets. Much less frequent, but arguably more damaging, were continued attacks targeting trade secrets, classified information, and other intellectual property."
While the data from 2010 showed a sharp decline in the number of exposed records, 2011's numbers indicate the dip was short-lived.
"The number of compromised records across these incidents skyrocketed back up to 174 million after reaching an all-time low (or high, depending on your point of view) in last year’s report of four million," the report notes.
(click image to enlarge)
Key Findings in the Verizon 2011 Data Breach Investigation Report:
Offenders:
- 98% stemmed from external agents (+6%)
- 4% implicated internal employees (-13%)
- <1% committed by business partners
- 58% of all data theft tied to activist groups
Tactics:
- 81% utilized some form of hacking (+31%)
- 69% incorporated malware (+20%)
- 10% involved physical attacks (-19%)
- 7% employed social tactics (-4%)
- 5% resulted from privilege misuse (-12%)
Commonalities:
- 79% of victims were targets of opportunity (-4%)
- 96% of attacks were not highly difficult (+4%)
- 94% of all data compromised involved servers (+18%)
- 85% of breaches took weeks or more to discover (+6%)
- 92% of incidents were discovered by a third party (+6%)
- 97% of breaches were avoidable through simple or intermediate controls (+1%)
- 96% of victims subject to PCI DSS had not achieved 96% of victims subject to PCI DSS had not achieved
Source: www.verizonbusiness.com/resources/reports/rp_data-breach-investigations-report-2012_en_xg.pdf?