75% of Breaches Financially Motivated, 20% Are Espionage
Money was still by far the biggest motivation behind data breaches in 2012, followed by state-sponsored espionage, according to a new report from Verizon. "Hacktivists" were as busy as ever, but shifted their attention away from data theft to instead paralyzing or disrupting systems.
The Verizon 2013 Data Breach Investigations Report found that financially motivated cybercrime tops its list at 75 percent of all breaches. State-affiliated espionage campaigns claimed the second spot at 20 percent.
The report also found that the proportion of incidents involving hacktivists held steady. But many hacktivists shifted from data theft to other methods of disruption such as distributed denial of service (DDoS) attacks. These attacks also have significant costs because they impair business and operations.
"The bottom line is that, unfortunately, no organization is immune to a data breach in this day and age," said Wade Baker, principal author of the Data Breach Investigations Report series. "We have the tools today to combat cybercrime, but it's really all about selecting the right ones and using them in the right way. In other words, understand your adversary -- know their motives and methods, and prepare your defenses accordingly, and always keep your guard up."
Hacking Leads the Way
Who are the victims? It runs the gamut. Thirty-seven percent of breaches affected financial organizations, while 24 percent affected retailers and restaurants. Twenty percent of network intrusions involved the manufacturing, transportation and utilities industries. The same percentage affected information and professional services firms. The cyberattacks occurred in 27 countries, and 38 percent affected larger organizations.
External attacks remain largely responsible for data breaches, with 92 percent of them attributable to outsiders and 14 percent committed by insiders. The outsider category includes organized crime, activist groups, former employees, lone hackers and even organizations sponsored by foreign governments. As in the 2012 report, business partners were responsible for about 1 percent of data breaches.
Hacking is the No. 1 way breaches occur. Indeed, hacking was a factor in 52 percent of data breaches. Seventy-six percent of network intrusions exploited weak or stolen credentials, that is, a user name and password. Another 40 percent incorporated malware, meaning malicious software, scripts or code used to compromise information. Thirty-five percent involved physical attacks, such as ATM skimming. And 29 percent leveraged social tactics, such as phishing.
More Sophisticated than Ever
Ken Pickering, development manager for security intelligence at CORE Security, told us attacker profiles have advanced since the inception of cybercrime and cyber-espionage.