‘This year’s report once again demonstrates that there is no such thing as an impenetrable system, but often times even a basic defense will deter cyber criminals who will move on to look for an easier target.’
The Verizon 2016 Data Breach Investigations Report – DBIR – reveals the increasing threat cyber criminals pose to businesses of all sizes.
Of increasing concern to Verizon’s security researchers is the speed in which cyber crime is committed. In 93% of cases, it took attackers minutes or less to compromise systems and data exfiltration occurred within minutes in 28% of the cases.
As with the 2015 report, compromises of mobile and Internet of Things – IoT – devices are not a significant factor in the 2016 DBIR. However, the report notes that proof of concept exploits are real and it’s only a matter of time before a large scale breach impacts mobile and IoT devices, which means organizations should continue to be vigilant about protecting smartphones and IoT devices.
Also worth noting from the report is that Web application attacks climbed to the #1 spot for data breaches, and that 95% of web app breaches were financially motivated.
The rise of the three-pronged attack
This year’s report calls out the rise of a new three-pronged attack that is being repeated with great regularity. Many organisations are falling prey to these attacks that include:
- Sending a phishing email with a link pointing to the malicious website or mainly a malicious attachment
- Malware is downloaded onto an individual’s PC that establishes the initial foothold, and additional malware can be used to look for secrets and internal information to steal – cyber espionage – or encrypt files for ransom. Many times the malware steals credentials to multiple applications through key logging.
- Use of the credentials for further attacks, for example, to log into third-party websites like banking or retail sites.
‘The goal is to understand how the cyber criminals operate,’ said Bryan Sartin, executive director of global security services, Verizon. ‘By knowing their patterns, we can best prevent, detect and respond to attacks.’
2016 report reiterates the need for the basics
The researchers note that basic, well-executed measures continue to be more important than complex systems, and include:
- Know what attack patterns are most common for your industry. Utilize two-factor authentication for your systems and other applications, such as when logging into popular social networking sites.
- Patch promptly.
- Monitor all inputs: Review all logs to help identify malicious activity.
- Encrypt your data: If stolen devices are encrypted, it’s much harder for attackers to access the data.
- Train your staff: developing security awareness within your organization is critical especially with the rise in phishing attacks.
- Know your data and protect it accordingly. Also limit who has access to it.
‘This year’s report once again demonstrates that there is no such thing as an impenetrable system, but often times even a basic defense will deter cyber criminals who will move on to look for an easier target,’ added Sartin.
