CONFERENCE Watch Now: Threat Detection & Incident Response (TDIR) Summit - Watch Event On-Demand
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Incident Response

Verizon Previews Data Breach Investigations Report

RSA Conference News

RSA Conference News

SAN FRANCISCO – RSA CONFERENCE 2012Verizon today offered a glimpse into the findings from its soon to be released “Data Breach Investigations Report” (DBIR). The DBIR is a comprehensive and well-respected report compiled each year by Verizon that reviews and analyzes breaches that occurred during the year from around the world.

According to Verizon, the full report will analyze more than 850 breaches, and include data from five law enforcement agencies including the U.S. Secret Service, the Dutch High Tech Crime Unit, the Irish Reporting and Information Service, the Australian Federal Police and the London Metropolitan Police. Approximately 10% of the breaches were investigated by Verizon, the company said.

The preview revealed that financial gain appeared to be the main motive for attack in 2011. However, Verizon says, consistent with the rise of “hacktivism” in 2011, they observed a clear increase in breaches perpetrated as acts of protest and retaliation. Related to these two divergent motives, organized criminal groups were once again behind the majority of incidents, but activist groups and disgruntled former employees made a rather damaging showing as well.

In terms of geographic origin of attacks, Verizon saw a fairly even mix between the Americas, EMEA, and APAC regions, with a slight majority leaning toward EMEA.

Moreover, Verizon’s analysis showed that 99% of all stolen data involved the use of some form of hacking and malware. Social engineering tactics, while less common, were also tied to over half of all data loss in the breaches investigated.

The table below lists the top 10 most-observed “threat actions” from breaches that occurred in 2011. “The list is relatively similar to prior years,” the preview notes. “It is abundantly clear that cybercriminals seek to overcome or undermine access control mechanisms in the process of locating and removing sensitive data.”

Top Hacking Attack Methods DBIR

The “Verizon 2011 Investigative Response Caseload Review” is available here and provides topline findings from Verizon-investigated breaches that will be included in the upcoming report this spring.

Advertisement. Scroll to continue reading.
Written By

For more than 15 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is founder and director of several leading cybersecurity industry conferences around the world.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.

Register

Learn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.

Register

People on the Move

Jeremy Koppen has left Mandiant after 13 years to become the CISO of Equifax.

Engineering and technology solutions provider Amentum has appointed Max Shier as its CISO.

PAM provider Keeper Security has appointed Shane Barney as its Chief Information Security Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.