Security Breaches Click to download a PDF

An incident that results in the confirmed disclosure—not just potential exposure—of data to an unauthorized party.

The 11thedition of Verizon’s 2018 Data Breach Investigations Report. The report is available for download here(PDF, 68 pp., no opt-in). Verizon has taken a data-driven approach to analyzing security breaches and incidents, providing insights on security. The depth of analysis and insights gained to make this report noteworthy for anyone interested in Zero Trust Security (ZTS), Next-Gen Access and business IT security. The study confirms the widely-held belief that using stolen or compromised credentials are the most common approach hackers use to attack and breach systems

Verizon finds there has been over 53,000 incidents and 2,216 confirmed data breaches this year. They define a breach as an incident that results in a confirmed disclosure of data by an unauthorized actor, while incidents are a security event that compromises the integrity, confidentiality or availability of an information asset.

Louis Columbus a contributor at Forbes did an amazing job gleaning stats from the Verizon report.

The most difficult stat to read was my own role (internal actor) as an outsourced System Admin/CIO for companies. 

Organized crime organizations are behind 62% of external actor-based breaches.

System admins are the top internal actors responsible for breaches 25.9% of the time.

76% of breaches are financially motivated, and 68% took months or longer to discover.

58% of security breach victims are small businesses, the largest segment overall.

The top five Industries experience the most breaches:

  1. Healthcare
  2. Accommodation
  3. Public Administration
  4. Retail
  5. Finance

Cyber-Espionage and the stealing of valuable intellectual property drive 47% of all manufacturing IT breaches.

Organized crime and state-affiliated actors are responsible for 6% of external breaches. Internally-based actors responsible for breaches are more distributed, with end users responsible for 22.3%, doctors or nurses initiating 11.5%, and developers, 5% of internal breaches.

Databases are the top assets involved in breaches (19.6%)

POS terminals (15.8%)

POS controllers (15.8%)

Web Apps (13.7%)

Desktop systems (12.8%)

Digital documents (11.3%)

Mail servers (6%)

The wide variety of assets involved in breaches underscores how important it is to implement a Zero Trust Security (ZTS) approach across a business and each of its endpoints. Leaders in ZTS include Cyren (Web Gateway Security), SentinelOne (Advanced Endpoint Protection), and EventTracker (SIEM).

Phishing and pretexting represent 93% of social attack-based breaches.

Email continues to be the most common vector (96%) for launching social attacks, with 99% of the actors being external to organizations.

59% of phishing and pretexting attacks are motivated by financial gain, with an additional 38% motivated by corporate espionage. The study makes a great point that phishing is relied on as the lead action or strategy of a more expanded attack that is followed by malware installation and further actions to attain greater exfiltration of data.

The study found that 78% of people didn’t click a single phish all year, highlighting the effectiveness of internal firewalls and ongoing security training. Social breaches are gaining access to personal data (47.2%) followed by proprietary company IP or secrets (25.9%), and credentials (16.8%) which are used to launch compromised credential attacks.

 

Loop Advisors exists to protect businesses and their clients from cyber criminals. Unfortunately, most small businesses don’t have the same security solutions that large companies do.

The mission of Loop Advisors is to deliver world class security tools to small and medium businesses.

We leverage powerful, behavior-based threat detection to stop advanced malware, exploits, and script-based attacks.

In addition, our enterprise level SIEM solution provides another layer of security with monitoring and protection.

Our managed solution includes the ability to identify and roll back ransomware with fully integrated response capabilities.

Additional Business Insurance Coverage

End of Life Computer Asset Management

Loop Advisors has created a process to protect companies and their clients from today’s ransomware threats, viruses, hackers, and zero day attacks. Call us to complete your Security Checklist.

Click to download a PDF