The Verizon data breach investigation report is out, and, as always, it does not disappoint. Filled with a treasure trove of stats and insight into the past year’s breaches, there’s much to take away from this report. Just one point of interest is that 75% of attacks were driven by financial interest, with 37% of breaches affecting a financial organization. When you first download the report, you see a quote under the cover page that says “some organization will be a target regardless of what they do, but most become a target because of what they do,” and the stats certainly verify that. It used to be that attackers hacked because they could, but as of late they are looking to get something out of it.
And with 66% of breaches not being discovered for months or longer, these attackers seem to have all the time in the world to do their dirty business. So what needs to be done to detect these breaches early on?
Eric Chiu, president and founder of HyTrust, suggests that “with the majority of computing now moved to cloud environments, we need to turn our security paradigm around from an ‘outside in’ threat perspective, which has proven inefficient and largely ineffective, to an ‘inside out’ view that addresses both insider and outsider advanced threats.”
Attackers are also using a wider range of attacks than ever before, making it more difficult to prevent all types of attacks. There were 4X as many attacks through social media in 2012 compared to 2011, and there were 3.5X as many physical attacks. In 2011, most attacks came from hacking or malware, but now the attack surface playing field is evening out.
Nathaniel Couper-Noles, senior security consultant at Neohapsis, says that “the breadth of successful attacks in the report shows that technological innovations can benefit attackers as well as defenders. The security margin between theoretical vulnerabilities and real exploitation is shrinking.”
As a consumer, it’s not comforting to know that my financial data is priority numero uno for attackers and that they are pulling off attacks that were once thought to be impossible. There will always be innovation on both sides of the table, and the question is whether security vendors can find a way to pull ahead of the bad guys and stop their theoretical attacks before they become possible to carry out. However, with 78% of initial intrusions for these attacks considered low difficulty, there’s still much to be done to make it harder for attackers to get their foot in the door.