The number of lost records resulting from cyber crimes has dropped precipitously, according to a new report from Verizon Communications.
But dont let that fool you: The criminals havent retired.
The report found a record high number of data breaches, despite the fact that the number of compromised records involved in data breaches investigated by Verizon and the U.S. Secret Service plunged from 144 million in 2009 to about 4 million last year.
According to the report, the seeming contradiction between the low data loss and the high number of breaches likely stems from a significant decline in large-scale breaches, caused by a change in tactics by cybercriminals,” Verizon said. They are engaging in small, opportunistic attacks rather than large-scale, difficult attacks and are using relatively unsophisticated methods to successfully penetrate organizations.”
The report found that outsiders are responsible for 92 percent of breaches. Hacking (50 percent) and malware (49 percent) were found to be the most common types of attacks that were investigated. Physical attacks, such as compromising ATMs, represented 29 percent of all cases investigated.
This year, we witnessed high automated and prolific external attacks, low and slow attacks, intricate internal fraud rings, countrywide device-tampering schemes, cunning social engineering plots and more,” said Peter Tippett, Verizons vice president of security and industry solutions. And yet, at the end of the day, we found once again that the vast majority of breaches can be avoided without extremely difficult, expensive security measures.”
Verizon, the Secret Service and the National High Tech Crime Unit of the Netherlands Policy Agency collaborated to prepare the report, which now spans seven years and covers more than 1,700 breaches involving roughly 900 million compromised records.
Said U.S. Secret Service Assistant Direct A.T. Smith: Today, cyber criminals are operating in nearly every civilized nation in the world, exposing Americans personal information, either stored or transmitted, to substantial risk.”