rise in targeted attacks, organised crime involvement
More electronic records were breached in 2008 than in the previous four
years combined, fuelled by a
targeting of the financial services industry and a strong involvement of
organised crime, according to the “2009 Verizon Business Data Breach
Investigations Report (DBIR)”.
This second annual study - based on data analysed from Verizon Business’
actual caseload comprising 285 million compromised records from 90 confirmed
breaches - revealed that corporations fell victim to some of the largest
cybercrimes ever during 2008. The financial sector accounted for 93 per cent
of all such records compromised last year, and a staggering 90 per cent of
these records involved groups identified by law enforcement as engaged in
Verizon Business investigative experts found that nearly nine out of 10
breaches were considered avoidable if security basics had been followed.
Most of the breaches investigated did not require difficult or expensive
preventive controls. The 2009 report concluded that mistakes and oversight
failures hindered security efforts more than a lack of resources at the time
of the breach.
Similar to the first study’s findings, the latest study found that highly
sophisticated attacks account for only 17 per cent of breaches. However,
these relatively few cases accounted for 95 per cent of the total records
breached – proving that motivated hackers know where and what to target.
“The compromise of sensitive information increased dramatically in 2008 and
it’s past time to be vigilant about enterprise security,” said Dr. Peter
Tippett, vice president of research and intelligence for Verizon Business
Security Solutions. “This report should serve as another wake-up call that
good security and a proactive approach are paramount to running a business
in this day and age - particularly since the economic crisis is likely to
trigger a further increase in criminal activity.”
This year’s key findings both support last year’s conclusions and provide
new insights. These include:
- Most data breaches investigated were caused by external sources.
Seventy-four per cent of breaches resulted from external sources, while 32
per cent were linked to business partners. Only 20 per cent were caused by
insiders, a finding that may be contrary to certain widely held beliefs.
- Most breaches resulted from a combination of events rather than a single
action. Sixty-four per cent of breaches were attributed to hackers who used
a combination of methods. In most successful breaches, the attacker
exploited some mistake committed by the victim, hacked into the network, and
installed malware on a system to collect data.
- In 69 per cent of cases, the breach was discovered by third parties. The
ability to detect a data breach when it occurs remains a huge stumbling
block for most organisations. Whether the deficiency lies in technology or
process, the result is the same. During the last five years, relatively few
victims have discovered their own breaches.
- Nearly all records compromised in 2008 were from online assets. Despite
widespread concern over desktops, mobile devices, portable media and the
like, 99 per cent of all breached records were compromised from servers and
- Roughly 20 per cent of 2008 cases involved more than one breach. Multiple
distinct entities or locations were individually compromised as part of a
single case, and remarkably, half of the breaches consisted of interrelated
incidents often caused by the same individuals.
- Being PCI-compliant is critically important. A staggering 81 per cent of
affected organisations subject to the Payment Card Industry Data Security
Standard (PCI-DSS) had been found non-compliant prior to being breached.
As the cybercrime market continues to evolve, so do the targets, techniques
and types of attackers. The big money is now in stealing personal
identification number (PIN) information together with associated credit and
debit accounts. In 2008, Verizon Business witnessed an explosion of attacks
targeting PIN data.
As was the case from 2004 to 2007, data breaches investigated in 2008
affected a wide array of organisations. While the retail industry continues
to be the most frequently targeted, accounting for a third of all cases, the
biggest rise was in financial services, which more than doubled its share to
30 per cent. But more importantly, the financial sector accounted for more
than nine out of 10 of the more than 285 million records compromised.
Said Tippett, “The financial services firms were singled out and fell victim
to some very determined, very sophisticated and, unfortunately, very
successful attacks in 2008.”
Food and beverage establishments, the second most frequently hit industry in
the first report, dropped to third place in 2008, with their share falling from
20 per cent to 14 per cent.
“Our task is not getting any easier; the sum total of information in the
world grows continually and permeates everything we do and everywhere we go.
While the majority of attacks remain rather mundane, the criminals are
adapting to our current protection strategies and inventing new ways to
attain the data they value,” he said.
Verizon Business, a unit of Verizon Communications, is a global provider of
communications and IT solutions. A complete copy of the “2009 Data Breach
Investigations Report” is available at