In its 2009 Data Breach Investigations Report (DBIR), Verizon investigated 90 data breach cases that exposed a 285 million records, which is equivalent to nine records per second. This figure is far greater than the 230 million records recorded as breached in the five years combined from 2004 to 2008.
The study looked only at breaches involving attacks that resulted in compromised records being used in a crime. Verizon Business found that organised crime was behind 90 percent of all breaches which involved compromised records.
Market saturation has driven down the price of credit card details on the black market. Details that were valued at around $10 to $16 per record in mid-2007, are now sold for less than 50 cents per record today.
As a result, personal identification numbers (PIN) fraud has exploded as criminals are targeting financial firms to steal PINs and together with associated credit and debit accounts. Financial firms accounted for 93 percent of the over 285 million records compromised.
"Financial services firms were singled out and fell victim to some very determined, very sophisticated, and--unfortunately--very successful attacks in 2008," said the report.
The report also found most data breaches originate from external threats, rather than internal, with 74 percent of breaches caused by external sources.
Hacking is the leading cause of data breaches for the fifth year running, involved in 94% of cases that led to breached records. Malware was involved in over one-third of the cases investigated and contributed to nine out of 10 of all records breached. SQL injection was the favourite type of attack, used in 79% of cases were records were compromised.
But most breaches resulted from a combination of events rather than a single action, the report found, with 64 percent of breaches attributable to hackers using a combination of methods.
Matthijs van der Wel, manager principal forensics EMEA, at Verizon Business Security Solutions, outlined the typical scenario for data losses. "The end user makes a mistake. The attacker takes advantage of some mistake committed by the victim company, hacks into the network, perhaps using an SQL injection attack, and installs malware on a system to collect data."
Posts
No comments:
Post a Comment