This probably won’t have shown up in your mailbox or in the media that you consume, whether virtual or physical. In the Cyber Security game, the annual Data Breach Investigations Report (DBIR) from Verizon is required reading. This is its tenth year in circulation and it grows every year. It’s nothing like the typical surveys that you will see from consulting or security companies that are trying to scare you into doing business with them. No. The DBIR is about what has actually happened across a large selection of disparate industries.
So this is all about the facts, Ma’am.
At its heart, this report is made of data from 65 organisations, which in 2016 reported just over 42,000 incidents, resulting in some 1,935 breaches. It’s a fairly global picture too, with the incidents and breaches coming from 84 countries.
Just for clarity, they define these terms as follows:
Incident: A security event that compromises the integrity, confidentiality or availability of an information asset.
Breach: An incident that results in the confirmed disclosure – not just potential exposure – of data to an unauthorised party.
So here are some of the highlights from this data breach report:
- The top industries affected were Financial Services (24%), Healthcare (15%), Retail/Accommodation (15%) and Public Sector (12%).
- 66% of malicious software (malware) was installed via e-mail attachments.
- Hacking was used in 62% of the breaches and of these, 81% leveraged stolen and/or weak passwords. Come on folks. Seriously – Commandment 8 anybody?
- 75% of the breaches were carried out by people external to the victim companies and half of them were affiliated with organised criminal groups.
- 27% of the breaches were uncovered by third parties, so in over a quarter of the cases the victims were unaware until somebody else told them.
Other interesting facts from the report highlight the type of incident/breach most commonly aimed at each industry:
- Accommodation/Food was mainly targeted for Point-of-Sale (POS) breaches, which are purely financially motivated.
- Financial/Insurance was targeted by Denial-of-Service attacks; however, there was also a large incidence of banking passwords being stolen and ATM cards being skimmed (see my previous blog post for more on skimming). So again these breaches are of the financial type.
- Manufacturing was interesting. The greatest number of breaches in this sector were for espionage purposes. So in this case, the evildoers were using a data breach to mine information from their target.
Finally, ransomware (the type of malicious software (malware) that scrambles all of your files and demands that you pay money to get the key to unscramble them) has gone from being the 22nd most common malware in 2014 to being the 5th most prevalent in 2016. Ransomware campaigns targeted Public Sector, Healthcare and Financial Services (in that order) in 2016. All I can advise is that you follow Commandment 4 and Commandment 5, and you should not be overly concerned about ransomware.
Have you any concerns about any of the above? If so, then pop an e-mail to info@L2CyberSecurity.com and we will make contact to discuss in simple terms what you need to do to help allay your worries.