Following its Data Breach Investigations Report earlier this month, Verizon Enterprise has released the Data Breach Digest, detailing and dissecting data breach cases for our education. In 2015 alone, Verizon investigated more than 500 cases pertaining to cyber security, sorted them by scenario, and has presented them along with tips for prevention, detection, and protection.

Recurring Themes

It’s often said that every new idea is just a rehash of an old one, and when it comes to data breaches, that’s still pretty much the case. Verizon’s found that all the different breaches and attacks could be sorted into eighteen different scenarios. Out of those, only twelve are particularly common, although the other six still occur with enough frequency to merit note.

In fact, each of the eighteen categories may sound pretty familiar. They are, in order: social engineering, financial pretexting, digital extortion, insider threat, partner misuse, USB infection, peripheral tampering, hacktivist attack, rogue connection, logic switch, SQL injection, CMS compromise, backdoor access, DNS tunneling, data ransomware, sophisticated malware, RAM scraping, and credential theft.

Those categories are, in turn, split into four groups, based on whether they focus on the human element, conduit devices, configuration exploitation, or malicious software. Each new category makes it easier to classify and understand what they are and how they work, as well as how to defend against them.

Learning From Example

In each of the categories, the report provides specific examples of situations where a business encountered a data breach. All these are real situations with nothing but names changed, so each step, threat, and solution are taken from reality.

Perhaps the most important thing in each section is the “Lessons learned” paragraph at the end. That’s where the report summarizes what organizations can do to defend against each threat. For instance, in the “Hacktivist attack” section, it discusses how, in the scenario presented, having internet-facing servers connected to management systems proved a weakness, and explains how a layered defense-in-depth strategy could have detected the attack earlier in the process or even prevented it. These are valuable lessons that the companies in question had to learn from experience, but we can now learn from them.

Know Thyself

Near the end of the report, it offers advice for protection from each of the kinds of situations, but it can be summed up in one word: “know.” Know your workforce, your environment, and your tools. Know the threats and methods and the tools they use. To take it to a more extreme level, cyber attacks are like cyber warfare, and a quote from Sun Tzu’s “The Art of War” is quite applicable to this situation: “If you know your enemies and know yourself, you will not be imperiled in a hundred battles.”

You can download the Data Breach Digest from Verizon Enterprise’s website, and see for yourself what threats are out there and how to keep your business safe from them.

Photo by perspec_photo88