Verizon Data Breach Investigations Report: Money Is Top Motivator


… take advantage of economies of scale,” Bassett said.

Managed security services are key to an SMB’s defense, Bassett added. That, and building security into other products, such as point-of-sale systems, that they use.

The growing number of SMBs using cloud- and web-based applications and tools has made them prime targets for cybercriminals. Phishing is the biggest threat for small businesses, accounting for more than 30% of breaches.

Security remains a challenge across the board for verticals. However, there are some differences. For example, in manufacturing, almost one in four (23%) malware incidents involved ransomware. That compares to 61% in the public sector and 80% in educational services.

Errors accounted for one in three (33%) public sector breaches, but only 12% of manufacturing.

In North America, the use of stolen credentials is the most common technique. That accounted for nearly 80% of hacking breaches. One in three (33%) breaches involved either phishing or pretexting.

Good News

“I think there is good news when it comes to security,” Bassett said. “The drop in malware certainly isn’t due to attackers not trying. That suggests to me that our malware defenses (antivirus, web and email proxies, etc.) are doing their job, even if they’re not perfect. Also, while we continue to hear of significant vulnerabilities and we know that most organizations only get 57% of their significant vulnerabilities patched in the first quarter, we only see single-digit counts of actors exploiting vulnerabilities in breaches.”

To Bassett, that means vulnerability management, patching and filtering are slowing the bad actors down. But that’s not to say you can ignore vulnerabilities.

“If you put an asset with old vulnerabilities on the internet, it’s likely to be exploited, as there are a number of well-known, easy-to-exploit vulnerabilities that attackers are continuously scanning the internet for,” Bassett said. “And it may not be intentional. While 43% of organizations’ internet-facing assets are in their first network … the rest are most commonly spread out over four additional networks. Assets in those areas may not be known and may be part of an organization’s responsibility, but not securely managed.”

Distributed denial of service (DDoS) is another good news story, he said. While it is the top incident variety, the most common DDoS attack size was 570 megabits per second. That’s well within the limits of almost any DDoS mitigation service.

“Even the top DDoS’s are mitigatable, meaning that an organization worried about DDoS can retain a mitigation service and sleep easy,” he said.

There is a new way of thinking about breaches that can expand defenders’ options, Bassett said.

“If you think about a breach as a point in time, there’s only before the breach when it’s too early to respond, and after, when it’s too late,” he said. “If you think of the breach as a series of actions that have to happen, you can pick when and where to respond to the attacker. You can lengthen the path so that it’s less appealing to attackers or not accomplishable at all. You can use what you have detected to guide looking for things you may not have detected. It’s a positive story for defenders that offers multiple opportunities to improve against attackers.”
