Security Breaches Down, But Insider Threats Troubling
Share This -
Thursday, 29 July 2010
By Mel Duvall
Security breaches appear to be down from last year, according to a comprehensive report issued by Verizon Business and the U.S. Secret Service. But more of the breaches involve insider threats and a greater use of social engineering.
The 2010 Data Breach Investigations Report, which involved a first-of-its-kind collaboration with the Secret Service, called that the trend toward an overall decline in security breaches "promising."
The decline may be due to a number of factors, says the study, including "law enforcement's effectiveness in capturing criminals." The report cited the arrest of Albert Gonzalez, a notorious computer hacker who pleaded guilty to helping run a global ring that stole hundreds of millions of payment card numbers. Gonzalez was sentenced last year to 20 years in prison.
"The reduction in breaches is a positive sign that we are gaining some ground in the fight against cybercrime," Peter Tippet, Verizon's vice president of technology and enterprise innovation, said in releasing the report.
With the inclusion of data from the Secret Service, the Verizon study covered more than 900 breaches, involving more than 900 million compromised records. "By including information from the Secret Service caseload, we are expanding both our understanding of cybercrime and our ability to stop breaches," Tippet added.
While the overall decline in breaches offered good news, there are still plenty of threats to keep chief information officers and chief security officers up at night. Stolen credentials were named as the most common way of gaining unauthorized access into organizations, which points to the need for strong corporate security practices. Organized crime groups were believed responsible for 85 percent of stolen data.
Other key findings from the report:
Many breaches involved the misuse of privileges. Forty-eight percent of breaches were attributed to users who, for malicious purposes, abused their right to access corporate information. An additional 40 percent of breaches were the result of hacking, while 28 percent were due to social tactics, and 14 percent to physical attacks.
Most data breaches investigated were caused by external sources. Sixty-nine percent of breaches resulted from external sources, while only 11 percent were linked to business partners. Insiders caused 49 percent of the breaches, which is a jump over previous findings, primarily due to an expanded dataset and the types of cases studied by the Secret Service.
Many breaches are avoidable. As in previous years, nearly all the data was accessed from servers and online applications. The study found 85 percent of the breaches were not considered difficult and 87 percent of victims had some evidence of the breach, but missed it.
Meeting compliance is critical. Seventy-nine percent of victims were subject to the payment card industry security standard PCI-DSS, yet hadn't achieved compliance prior to being penetrated.
The report concluded that for many enterprises, simple actions can reap big benefits. It recommended that organizations do more to restrict and monitor privileges, be more vigilant in watching for "minor" policy violations, implement measures to thwart stolen credentials, and increase the monitoring and filtering of outbound traffic.
Only registered users can write comments. Please login or register.