latest updates from easySERVICE™
According to Verizon, 92 percent of all attacks last year fell into nine basic categories, with the majority relating to Web app attacks and retailer point-of-sale (POS) breaches.
The findings come in Verizon’s 2014 Data Breach Investigations Report (DBIR). In it, 50 global companies contributed to a report that studied 1,367 data breach and 63,437 security incidents.
And in those incidents observed, Verizon found that the attackers are getting better at the speed in which a breach occurs and are having higher infiltration success rates than in years before.
“A lot of attackers simply look for vulnerable victims on the Internet and deploy automated attacks,” said Paul Pratley, an investigations manager with the RISK Team at Verizon in a statement. “Often it will take seconds to minutes before a network is compromised, but it can take a really long time for an organization to discover it — weeks to months or even a year. That’s something we’d really like to see change.”
For those leveraging Web app attacks, the top motivation continues to be ideologically based (65 percent of all Web attacks studied), with financial motivation coming in second (33 percent) and espionage clocking in with 2 percent of all monitored incidents.
What’s surprising when looking at Web app attacks is that the overwhelming number (88 percent) of incidents is reported not from internal IT, but from an outside source, whether that be from an affected customer, user or third-party fraud detection service.
Verizon’s advice for networks looking to cut down on the number of these types of incidents includes:
The other major trend Verizon found was that retail data breach attacks continue to be a major headache in the security landscape. However, despite major retailer incidents like last year’s Target breach, POS-based attacks for the last two years were actually slightly lower than those for the 2010 and 2011.
Source: Associated Press