Verizon Data Breach Investigations: Point-of-sale attacks, web app hacks & more

medium_5224925339As far as cybersecurity goes, 2013 was about as bad as it gets. It’s not just that the NSA was revealed to be hacking just about every single Internet user in the world. Oh no, it was the year that hacking incidents went mainstream, becoming something the average web user needs to worry about.

Cyberattacks are on the rise, but there’s some good news too. Of the 1,300-odd confirmed last year, hackers used only nine basic attack patterns. So long as we learn how to resist these attacks, we’ll have a much better chance of sidestepping attacks. The only problem is, it’s easier said than done.

These are the takeaways from Verizon’s annual Data Breach Investigations Report, which is now into its tenth year and is one of the industry’s most highly regarded reports of its type. The report covers attacks in more than fifty organizations, encompassing a total of 63,000 cybersecurity incidents, with 1,347 confirmed breaches in 95 countries.

Although Verizon says that there were only nine kinds of attack, 72 percent of all confirmed breaches were carried out using one of just three methods, although this does vary according to each industry. As an example, cybercriminals tended to favor hacking web applications, card skimming, or Distributed Denial of Service (DDoS) attacks in 75 percent of all incidents within the financial industry.

However, these three methods aren’t the only ones. ‘Inside jobs’ were also popular too, with Verizon counting nearly 11,700 incidents classified as “insider and privilege misuse”. In total, 112 of these incidents resulted in the attacker stealing company data – just as Edward Snowden did when he targeted his former employer, the NSA. In Snowden’s case, the NSA will tell you that it was difficult to detect what he was doing, and that’s the biggest risk right there. Verizon admits as such in its report, saying that “most insider misuse occurs within the boundaries of trust necessary to perform normal duties. … That’s what makes it so difficult to prevent.”

But why are employees so keen to steal their master’s data? In almost all cases its down to greed – either they want to sell that data to a rival company for money, or they want to start a competitor company of their own. According to Verizon, 48 percent of these incidents were detected within a few days, but 70 of the cases went undetected for years.

There’s also a risk from so-called state-sponsored hackers, as SiliconANGLE has covered before. Verizon says that incidents of this type were on the rise too, although they still only account for a relatively small percentage of breaches overall. In total, there were 511 incidents of this type, with 54 percent of the victims being US companies and organizations. As for the source of the attacks, 49 percent were found to have originated in China.

Finally, there’s one more threat that should have organizations quaking in their boots, especially if they happen to deal in retail security. Verizon recorded 198 attacks against point-of-sale terminals, and most of these were successful. In 85 percent of these incidents the attackers used RAM-scraping software, which happens to be the method used in the infamous Target breach late last year. Even worse, 98 percent of these attacks went undetected for several weeks or months.

For those with a vested interest in cybersecurity, Verizon’s report is essential reading. For everyone else, the following table highlights the biggest threats for each industry. For example, those in real estate will be interested to know that one in three data breaches were the result of ‘inside jobs’.

Verizon Data Breach Report

photo credit: Dalo_Pix2 via photopin cc