/dq/media/agency_attachments/UPxQAOdkwhCk8EYzqyvs.png)
Follow UsThe 'Verizon 2013 Data Breach Investigations Report' reveals that large-scale financial cybercrime and state-affiliated espionage dominated the security landscape in 2012. Taking the top spot for all breaches, in the 2013 report is financially motivated cybercrime (75%), with state-affiliated espionage campaigns claiming the #2 spot (20%). Breaches in the #2 spot include cyber threats aiming at stealing intellectual property, such as classified information, trade secrets, and technical resources, to further national and economic interests.
"It has been observed that almost all the sectors are concerned about their data security. Recently RBI issued some security guidelines, which all the banks are following. DoT is also showing their intrest, even oil and gas sector is coming out with security guidelines" said Ashish Thapar, head, global consulting and integration services, India. Verizon Enterprise Solutions.
The 2013 DBIR also found that the proportion of incidents involving hacktivists-who act out of ideological motivations or even just for fun, held steady. But, the amount of data stolen has decreased, as many hacktivists shifted to other methods such as distributed denial of service (DDoS) attacks. These attacks, aimed at paralyzing or disrupting systems, also have significant costs because they impair business and operations.
"The bottom line is that unfortunately, no organization is immune to a data breach in this day and age," said Wade Baker, principal author of the Data Breach Investigations Report series. "We have the tools today to combat cybercrime, but it is all about selecting the right ones and using them in the right way.
Baker added, "In other words, it is necessary to understand your adversary - know their motives and methods, and prepare your defenses accordingly and always keep your guard up.". In 2012, victims represented a wide range of industries. Thirty-seven percent of breaches affected financial organizations, and 24% affected retails and restaurants. Twenty percent of network intrusions involved the manufacturing, transportation and utilities industries, with the same percentage affecting information and professional services firms. Of all cyberattacks,38% impacted larger organizations, and represented 27 different countries.
Now a days since IT operations are moving towards cloud infrastructure, it is also adding certain worries on security, realiabilty and accessibility. "Before putting your information on public cloud, it is essential to control measure should be placed, like data center control, network control, and environment control," added Paul Black, APAC regional managing principal for Verizon and author of Verizon's 2013 Data Breach Investigations Report.
Key Findings in the 2013 Data Breach Investigations Report
External attacks remain largely responsible for data breaches, with 92% of them attributable to outsiders, and 14% committed by insiders. This category includes organized crime, activist groups, former employees, and lone hackers. At times there are some organizations sponsored by foreign governments. As in the prior year's report, business partners were responsible for about 1% of data breaches.
In terms of attack methods, hacking is the #1 way of breaches. In fact, hacking was a factor in 52% of data breaches. Seventy-six percent of network intrusions exploited weak or stolen credentials (user name/password); 40% incorporated malware (malicious software, script or code used to compromise information); 35% involved physical attacks (such as ATM skimming); and 29% leveraged social tactics (such as phishing).
Â
The proportion of breaches incorporating social tactics such as phishing was 4 times higher in 2012, which, according to the breach report, is directly related to the tactic's widespread use in targeted espionage campaigns.
Additionally, the compromise-to-discovery timeline continues to be measured in months and even years, as opposed to hours and days. Finally, third parties continue to detect the majority of breaches (69%).