The study from Verizon had some interesting (and scary) information about the growing worldwide market for stolen data. For example, attacks from Asia, particularly in China and Vietnam, often involve application exploits leading to data compromise. – Folks over there know about coding, automating attacks and have the motive of acquiring confidential information to use.
Defacements frequently originate from the Middle East – no surprise, given the hotheads there.
Internet protocol (IP) addresses from Eastern Europe and Russia are commonly associated with the compromise of point-of-sale systems. (Can you say “Hannaford?”)
Those folks are in it for the money.
One area not overly referenced in the report is the fact that banking hacks often originate from South America – looking for the really BIG money.
Retail, food and beverage industries account for more than 50% of the cases studied. Small and medium-sized businesses are still struggling to keep up data security- especially with credit card information. Eighty percent of the data stolen was payment card information.
The other source in small companies is theft of employee/client personal information often found in HR/payroll databases and client GL (General Ledger) information. With little or no segregation of duties, providing oversight into who accesses that information is very difficult. The second highest type of data stolen (32%) was PII – personal information.
Which accounts for why so many businesses (70%) had breaches that were discovered by an outside party.
Here’s some of Verizon’s recommendations for the Enterprise:
# Align process with policy. In 59 percent of data breaches, the organization had security policies and procedures established for the system, but these measures were never implemented. Implement, implement, implement.
# Create a data retention plan. With 66 percent of all breaches involving data that a company did not even know was on their system, it’s critical that an organization knows where data flows and where it resides. Identify data and prioritize its risk to the organization.
# Control data with transaction zones. Investigators concluded that network segmentation can help prevent, or at least partially mitigate, an attack. In other words, wall off data when and where appropriate.
# Monitor event logs. Evidence of events leading up to 82 percent of data breaches was available to the organization prior to actual compromise. Data logs should be continually and systemically monitored and responded to when events are discovered.