NEW YORK (4/26/13)--Financial organizations were the top target of cybercriminals in 2012, with 37% of data breaches, according to Verizon's 2013 Data Breach Investigations Report.
Finance led the overall incident count, but once ATM skimming incidents were filtered from the mix, the finance sector dropped to just above the middle of the pack, said the New York-based Verizon.
The report comes just as the Credit Union National Association is warning credit unions about a potential denial of distributed service attack expected in May. (See News Now
story, "CUNA Warns Of Potential Denial Of Service Attack.")
Ninety-two percent of last year's breaches were perpetrated by outsiders, and 14% by insiders. That finding has been consistent through each year of the study but bucks the general opinion that insiders commit more fraud, said the report.
"All in all, 2012 reminded us that breaches are a multi-faceted problem, and any one-dimensional attempt to describe them fails to adequately capture their complexity," said the company.
During 2012, Verizon analyzed more than 47,000 reported security incidents and 621 confirmed data breaches. Since its study began nine years ago, it has reviewed 2,500 data breaches and 1.1 billion compromised records.
Last year's breaches were in a number of forms: 52% engaged in some form of hacking; 76% network intrusions exploiting weak or stolen credential; 40% malicious software (malware); 35% physical attacks; 29% social tactics; and 13% privilege misuse or abuse. The first three decreased since the 2012 study covering 2011's breaches. Physical attacks and social tactics increased.
Certain commonalities existed among the breaches. Seventy-five percent of the breaches were for financial motives, 71% targeted user devices; 54% compromised servers; 75% were considered opportunistic attacks; 78% of initial intrusions were rated as low difficulty; 69% were discovered by external parties; and 66% took months or longer to discover.
What can credit unions and others do to mitigate breach activity? The report made eight suggestions:
Eliminate unnecessary data and keep tabs on what's left.
Ensure essential controls are met and regularly check them.
Collect, analyze and share incident data to create a rich data source to drive security program effectiveness.
Collect, analyze and share tactical threat intelligence--especially indicators of compromise--that can aid defense and detection.
Without deemphasizing prevention, focus on better and faster detection through a blend of people, processes and technology.
Regularly measure data such as number of compromised systems and mean time to detection in networks, and use them to drive security practices.
Evaluate the threat landscape to prioritize a treatment strategy. Avoid the one-size-fits-all security approach.
If you are a target of espionage, don't underestimate the tenacity of the adversary or the intelligence and tools at your disposal.