Window on WANs

Jun 30 2009   3:59PM GMT

A year of networking dangerously: Security breaches at the brink

Tim Scannell Profile: TScannell

Ask network administrators what their biggest concerns are over the next several months, and most will quickly rattle off such things as bandwidth optimization, network reliability and remote access management.

When the day is done, however, and they are sitting in the comfort of their homes, away from control consoles and dashboards, their real worry is network security. Who is gaining unauthorized access to the network right now, and how much data is at risk because of an impending breach?

There is no valid way to measure just how many networks are violated each day and data stolen or corrupted, since most companies decline to go public with that information unless it results in criminal prosecution. Most prefer not to admit that their seemingly secure networks were breached unless they can also say they got the culprit.

Ironically, the only way to put a dent in cybercrime may be to fess up when it happens and let the world know just how prevalent the problem is within the sanctums of businesses large and small. Such efforts won’t stop network security breaches, but they may provide common ground for companies at least to slow it down.

This is the idea behind Verizon Business’s most recent Data Breach Investigations Report, which highlights some of the work done by the company’s forensics investigators to track down and document security breaches among its customer base. This marked the first time the company’s Business Risks Team has looked at and reported on network breaches and intrusions over a single year, instead of across multiple years — and the findings are sobering.

In 2008, for example, there were 90 confirmed breaches within its caseloads, involving a whopping 285 million compromised records (99.9% of which were compromised from servers and applications). Roughly 74% of these breaches came from outside sources, 20% from insiders, and 32% involved business partners. Approximately 64% of those breaches were the result of someone hacking directly into the network, using a variety of techniques ranging from bogus credentials to SQL injections made into seemingly harmless applications.

Among the interesting tidbits noted in the report:

  • The industries hardest hit by network security breaches include retail (31%), financial (30%), and food and beverage (14%) – mostly because of their reliance on credit card transactions and the fact that 81% of the business victims were not payment card industry (PCI) compliant.
  • Most of the attacking IPs originated from East Europe, followed by East Asia and North America.
  • Internal breach sources included (in this order) end users, IT administrators and senior management.
  • Up to 79% of the records breached were accessed through Web applications, while 27% were stolen or corrupted via remote access, and 7% through servers and server-based applications.
  • For all the hype surrounding the security (or lack thereof) of mobile devices, only about 1% of these systems were used as conduits for security breaches. Devices of choice included database and applications servers, laptops, file servers and public computer kiosks.

    The Verizon Business report goes on and on, touching upon such topics as malware, deceit and social attacks, and even cyber-blackmail. The report even points the finger of blame at human error as a breach pathway, noting such triggers as technical failure, programming errors, network misconfigurations, and good old user errors.

    A lot to think about as you sit by yourself in the safety of your home, quietly wondering whether someone has just opened a backdoor into your network and is now rifling through your sensitive files.

    Download a copy of Verizon’s 2009 Data Breach Investigations Report

     Comment on this Post

     
    There was an error processing your information. Please try again later.
    Thanks. We'll let you know when a new response is added.
    Send me notifications when other members comment.

    REGISTER or login:

    Forgot Password?
    By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

    Forgot Password

    No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

    Your password has been sent to: