Report: Most data security incidents follow nine basic patterns

New York – Nine basic attack patterns that vary from industry to industry are the source of 92% of the 100,000 security incidents analyzed by Verizon since 2004. This finding from Verizon’s “2014 Data Breach Investigations Report,” identifies the nine threat patterns as miscellaneous errors such as sending an email to the wrong person; crimeware (various malware aimed at gaining control of systems); insider/privilege misuse; physical theft/loss; Web app attacks; distributed denial of service (DDoS) attacks; cyberespionage; point-of-sale intrusions; and payment card skimmers.  

In the retail sector, the majority attacks are tied to DDoS (33%), which are attacks intended to compromise the availability of networks and systems so that, for example, a website is rendered useless, followed by point-of-sale (POS) intrusions (31%).

Other key findings in the report include: 

  • Cyber-espionage is up again in the 2014 report, representing a more than three-fold increase compared with the 2013 report, with 511 incidents partially due to a bigger dataset. As it did in 2013, China still leads as the site of the most cyberespionage activity; but the other regions of the world are represented, including Eastern Europe with more than 20%.
  • The use of stolen and/or misused credentials (user name/passwords) continues to be the number one way to gain access to information. Two-out-of-three breaches exploit weak or stolen passwords, making a case for strong two-factor authentication.
  • Retail POS attacks continue to trend downward, exhibiting the same trend since 2011. Industries commonly hit by POS intrusions are restaurants, hotels, grocery stores and other brick-and-mortar retailers, where intruders attempt to capture payment card data.
  • While external attacks still outweigh insider attacks, insider attacks are up, especially with regard to stolen intellectual property. The report points out that 85% of insider and privilege-abuse attacks used the corporate LAN, and 22% took advantage of physical access.

“After analyzing 10 years of data, we realize most organizations cannot keep up with cybercrime, and the bad guys are winning,” said Wade Baker, principal author of the Data Breach Investigations Report series. “But by applying big data analytics to security risk management, we can begin to bend the curve and combat cybercrime more effectively and strategically."