data breach review - takeaways for the business infographic
DESCRIPTION
Verizon’s 2012 Data Breach Investigations Report covering the year 2011 gives a very thorough statistical analysis of the global security state. According to the study, there have been 855 breaches worldwide in 2011, involving more than 174 million compromised records. We've looked through the 90+ pages of the report and prepared an easy-to-understand infographic showing the study's most important statistical data and conclusions, which we hope will be of use to business managers in all industries.TRANSCRIPT
Countries Affected
36 vs. 22(2011) (2010)
The Attackers
Characteristics of the Breaches
The Breach Discovery
Countermeasures
The Targets
www.praetorianguard.netSource:http://www.verizonbusiness.com (2012 DATA BREACH INVESTIGATIONS REPORT)
95%ExternalThreats
Comparison by Percent of Breaches Comparison by Percent of Records Lost
Organized Cybercriminals vs. Activist Groups
Professional cybercriminals were responsible for most of the data breaches in 2011 (83% of breaches). They focused on opportunistic attacks on a multitude of smaller targets, which presented a lower risk to them.
Activist groups accounted for a relatively small proportion of the attacks (2% of breaches) but they stole a considerable amount of records - over 100 million (58% of records lost). Almost all data stolen by activist groups were taken from larger organizations, so that they could draw more attention and publicity to their attacks.
Top 3 Origins of External Attacks
Americas-North20%
Europe-West4%
44%
27%
27%Europe-East*
Europe-West
Americas-North
96%Financial or
Personal Gain
3%Protest orDisagreement
25%
71%Financial or
Personal Gain
Protest or
Disagreement
Eliminate unnecessary data Ensure essential controls are metand regularly check that they remain so
Monitor and mine event logs
Evaluate your threat landscape to prioritize yourtreatment strategy
Implement a firewall or ACL on remote access services
Change default credentials of POS systemsand other Internet-facing devices
If a third party vendor is handling the two items above, make sure they’ve actually done them
59%Notified by law enforcement
26%Third-party fraud detection
21%Brag or blackmail by perpetrator
16%Witnessed and/or reported by employee
Most Common Breach Discovery Methods
{{LO
SO42
57048
272310
135
Breaches by Target Size
1 to 10
11 to 100
101 to 1000
1001 to 10,000
10,001 to 100,000
Over 100,000
Unknown
855 breaches
LOAO
LO
AO
Top 2 Motives
LO
AO
Europe-East*
67%
ProfessionalCybercriminals
ActivistGroups
21%33%
LO
ProfessionalCybercriminals
2%
83%
ActivistGroups
AO
58%
35%
61%
36%
ProfessionalCybercriminals
ActivistGroups
ProfessionalCybercriminals
ActivistGroups
LOAO
*Incl. Russia and Turkey
The vast majority of incidents (85%) were caused by attackers who were able to compromise the victim very quickly (minutes or faster). This result is primarily due to the many automated, quick attacks against smaller businesses.
TimespanTypes of Attacks
Opportunistic Attacks
TargetedAttacks
Unknown
50%
15%
35%
LO
Unknown
TargetedAttacks
OpportunisticAttacks
79%5%
16%
AO
65%LOW DIFFICULTY LEVEL
of the initial attack
Attack Difficulty
LOAO
LOAO
4%Reported by customer/partner
affected by the incident
Log analysis and/or review process8%
8%Third-party fraud detection
Hacking was the leading method for infiltration, used in external threats for 2011 - it occurred in 81% of the breaches. A whole 61% of all breaches featured a combination of hacking techniques and malware. The most used hacking method was exploitation of default or guess-able credentials.
No3 - Social Engineering
No2 - Malware
No1 - Hacking
Most Used Methods for Infiltration
Malware factored in over two-thirds of the 2011 caseload and 95% of all stolen data. The most common malware infection vector was installation or injection by a remote attacker.
Social engineering was used in 7% of the breaches.Pretexting (classic social engineering) was the most used form of social engineering.
Data Taken
0 20 40 60 80 100
All OrganizationsLarger Organizations
Payment card numbers/data
Authentication credentials
Personal information
Sensitive organizational data
Bank account numbers/data
System information
Copyrighted/Trademarked material
Trade secrets
Classified information
Medical records
Unknown
{
Verizon’s 2012 Data Breach Investigations Report covering the year 2011 gives a very thorough statistical analysis of the global security state. According to the study, there have been 855 breaches worldwide in 2011, involving more than 174 million compromised records. What can businesses learn from the report? Take a look at the report’s highlights:
Data Breach Review - Takeaways for the Business
SOLO
AO = All Organizations
= Larger Organizations (1000+ Employees)
= Small Organizations (1-1000 Employees)
Legend
AO
Small Businesses
Cost of Recommended Countermeasures
Network Management, Network Monitoring,and User Monitoring Software
5%Difficult and Expensive
63%Simple and cheap
31%Intermeadiate
3%Difficult and Expensive
3%Unknown
54%
20%10% 7% 3% 6%
28%22%
12% 8% 7% 5%18%
Breaches by Industry
Acc
omm
odat
ion
& F
ood
Ser
vice
s
Reta
il Tr
ade
Fina
nce
and
Insu
ranc
e
Hea
lth C
are
and
Soc
ial A
ssis
tanc
e
Info
rmat
ion
Oth
er
Fina
nce
and
Insu
ranc
e
Info
rmat
ion
Reta
il Tr
ade
Man
ufac
turing
Publ
ic A
dmin
istr
atio
n
Tran
spor
tatio
n an
d W
areh
ousi
ng
Oth
er
Larger Businesses
40%Simple and cheap
55%Intermeadiate