Verizon’s latest annual report on data breach investigations shows that Web application attacks, cyber-espionage and point-of-sale intrusions were among the top IT security threats in 2013.
The financial Industry is the worst leaker of data with 465 breaches. However, the UK public sector suffered 175 such incidents, retail had 148 and accommodation dealt with 137 breaches.
The number of breaches attributed to cyber-espionage has been on the rise over the past few years and of course the biggest offender would be the US government.
Hacking, malware and social engineering remained the top threats associated with data breach incidents.
The use of stolen credentials, which Verizon classifies as hacking, was the leading threat action in 2013 and contributed to 422 breaches. It was followed by malware-based data exfiltration, phishing, the use of RAM scrapers and use of backdoors.
All up, the report covers 1,367 confirmed data breaches, and 63,437 security incidents that put the integrity, confidentiality or availability of information assets at risk.
Organizations have slightly improved the speed at which they are able to detect breaches, but attackers are getting faster at compromising their targets.
Paul Pratley, an investigations manager with the RISK Team at Verizon said that attackers look for vulnerable victims on the Internet and deploy automated attacks.
Often it will take seconds to minutes before a network is compromised, but it can take weeks to months or even a year to discover the hack, he said.
Data breaches discovered by organisations themselves outnumbered those discovered by external fraud detection systems for the first time.
The government is not only creating problems, it has been useful at actually discovering hacks which are not created by the NSA.
The report said that coppers and other third-party organizations like computer security incident response teams (CSIRTs) were playing an increasingly important role in discovering breaches and notifying victims.
Web application attacks were the leading cause of security incidents with confirmed data disclosure last year — 35 percent of breaches — and were primarily driven by either ideological or financial motives.
Breaches that result from Web application attacks are usually discovered by external parties, the report data shows.
In the case of financially motivated Web application breaches it’s usually the customers who notice the problem first; only 9 percent of victim organisations discovered such incidents internally.