
BFSI, Hospitality, and Retail most vulnerable to data breaches

DQI Bureau

We live in a world absolutely saturated with information, so it is hardly surprising that breaches continue to happen in a widely diverse group of organizations scattered over various sectors and across geographies.


The rise of breaches in the Hospitality, BFSI and Retail sectors is one of those areas where the actual number of data breaches is much larger than included in our records.

"Some types of organizations such as Hospitality (mostly hotels and restaurants), Retail and Financial Services seem more prone to data breaches than others," said Mark Goudie, Managing Principal, the RISK Team, Verizon Enterprise Solutions.

BFSI

High-value targets such as Financial Services attract more directed and sustained attacks, as criminals know that successfully breaching these organizations is likely to lead to a significant windfall.

Many would be surprised to realize that only 9% of attacks involve an insider in the data breach of a financial services organization, and the majority of data is stolen by someone from outside of the organization.

"Globally, banks are more often the target of attacks than other industries. What we have seen is that most organisations focus on security related to attacks coming from outside, e.g. security related to network security, routers, firewalls etc. But we believe and we have seen that most of the threats breed in from within the organisation," informs Sundar Ram, Vice President, Technology Sales Consulting, Oracle Corporation, Asia Pacific.


The financial services industry faces some unique challenges with regard to information protection. The industry's status as a high-value target means it attracts significantly more directed and tenacious criminal attention.

Physical tampering, stolen login credentials, SQL injection, and social engineering all occurred at levels significantly higher than those seen in other industries. Many of the attacks target ATMs and Web applications, or use social engineering (such as pre-texting or spear phishing) against employees.

Healthcare

Most of the breaches within the healthcare sector fell into the small to medium business category (one to 100 employees), and outpatient care facilities such as medical and dental offices comprised the bulk of these.

"Most attacks involved hacking and malware and often focused on point of sale (POS) systems. However, the healthcare industry also needs to protect medical devices and electronic health records," alerts Mark Goudie, Managing Principal, the RISK Team, Verizon Enterprise Solutions.


Retail

The most vulnerable organizations are franchises and other small and medium-size businesses, which often lack in-house resources and expertise to manage their own security.

"These businesses often rely on well-intentioned, but ultimately ill-equipped third-party vendors, which often fail to provide adequate protection; or the businesses use an out-of-the-box solution, without adequately investigating whether the solution will meet their security needs," informs Mark Goudie, Managing Principal, the RISK Team, Verizon Enterprise Solutions.

 

In many cases, employees are involved in the breaches, either wittingly or unwittingly. It is not uncommon for an employee to click on a malicious email attachment or visit a questionable site on a company desktop, infecting the system with malware and enabling an attacker to gain access to other devices within the network.


The 2012 Data Breach Investigations Report published by the Verizon RISK Team disclosed 855 data breach incidents and 174 million compromised records in 2011.

What many of the victim organisations have in common is insecure remote support from vendors. This insecure remote connection is compromised by industrial-scale organized crime gangs that operate across international boundaries. These crime gangs do not look for a particular organization; rather, they scan the Internet looking for vulnerabilities they know how to exploit and then compromise the victim's system to steal cashable data.

 

 
