Select Page

Verizon has published its 2012 data breach investigations report. This years report is a result of analysing 855 incidents, 174 million compromised records and it represents a broader and more diverse geographical scope.

Some key points from the executive summary of the report

Who is behind data breaches?

  • 98% stemmed from external agents (+6%)
  • 4% implicated internal employees (-13%)
  • <1% committed by business partners (<>)
  • 58% of all data theft tied to activist groups

How do breaches occur?

  • 81% utilized some form of hacking (+31%)
  • 69% incorporated malware (+20%)
  • 10% involved physical attacks (-19%)
  • 7% employed social tactics (-4%)
  • 5% resulted from privilege misuse (-12%)

What commonalities exist?

  • 79% of victims were targets of opportunity (-4%)
  • 96% of attacks were not highly difficult (+4%)
  • 94% of all data compromised involved servers (+18%)
  • 85% of breaches took weeks or more to discover (+6%)
  • 92% of incidents were discovered by a third party (+6%)
  • 97% of breaches were avoidable through simple or intermediate controls (+1%)
  • 96% of victims subject to PCI DSS had not achieved compliance (+7%)

Where should mitigation efforts be focused?

Smaller organizations

  • Implement a firewall or ACL on remote access services
  • Change default credentials of POS systems and other Internet-facing devices
  • If a third party vendor is handling the two items above, make sure they.ve actually done them

Larger organizations

  • Eliminate unnecessary data; keep tabs on what.s left
  • Ensure essential controls are met; regularly check that they remain so
  • Monitor and mine event logs
  • Evaluate your threat landscape to prioritize your treatment strategy
  • Refer to the conclusion of this report for indicators and mitigators for the most common threats

You can read the full report here