Technology News

latest updates from easySERVICE™

The annual Verizon security report found that hackers are becoming both more efficient and quicker in their attacks

Cyber Thieves

According to Verizon, 92 percent of all attacks last year fell into nine basic categories, with the majority relating to Web app attacks and retailer point-of-sale (POS) breaches.

The findings come in Verizon’s 2014 Data Breach Investigations Report (DBIR). In it, 50 global companies contributed to a report that studied 1,367 data breach and 63,437 security incidents.

And in those incidents observed, Verizon found that the attackers are getting better at the speed in which a breach occurs and are having higher infiltration success rates than in years before.

“A lot of attackers simply look for vulnerable victims on the Internet and deploy automated attacks,” said Paul Pratley, an investigations manager with the RISK Team at Verizon in a statement. “Often it will take seconds to minutes before a network is compromised, but it can take a really long time for an organization to discover it — weeks to months or even a year. That’s something we’d really like to see change.”

For those leveraging Web app attacks,  the top motivation continues to be ideologically based (65 percent of all Web attacks studied), with financial motivation coming in second (33 percent)  and espionage clocking in with 2 percent of all monitored incidents.

What’s surprising when looking at Web app attacks is that the overwhelming number (88 percent) of incidents is reported not from internal IT, but from an outside source, whether that be from an affected customer, user or third-party fraud detection service.

Verizon’s advice for networks looking to cut down on the number of these types of incidents includes:

  • Avoid using single-factor password authentication and mandate that customers use multiple authentication tools and services when using online-based apps.
  • IT should adhere to a strict patching process, whether that means setting up an automated patch process that quickly releases fixes to the public or sticking with a stringent manual patching procedure.
  • Continue to strengthen processes to internally check for vulnerabilities and make fixing any found flaws an immediate priority.
  • Enforce login lockout policies to guard against brute-force attacks.
  • Monitor outbound connections for irregularities and make sure that data isn’t being sent to suspicious global regions.

The other major trend Verizon found was that retail data breach attacks continue to be a major headache in the security landscape. However, despite major retailer incidents like last year’s Target breach, POS-based attacks for the last two years were actually slightly lower than those for the 2010 and 2011.

Source: Associated Press

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: