Hacktivism Haunts the World: Verizon Publish 2012 Data Breach Investigations Report

Today Verizon published its annual 2012 Data Breach Investigations Report (DBIR), and whilst I and others sift through the finer details, one early conclusion was that “hacktivism rose to haunt organizations around the world.”

In the executive summray the report states:

“Mainline cybercriminals continued to automate and streamline their method du jour of high-volume, low-risk attacks against weaker targets. Much less frequent, but arguably more damaging, were continued attacks targeting trade secrets, classified information, and other intellectual property. We certainly encountered many faces, varied tactics, and diverse motives in the past year, and in many ways, the 2012 Data Breach Investigations Report (DBIR) is a recounting of the many facets of corporate data theft.”

The report looks in detail at data breaches and the who the culprits are, how they did it and where mitigation efforts should be focused. Some top level statics from the report (+/1 % are year on year stastics)

Who is behind data breaches?

98% of data breaches stemmed from external agents (+ 6%)
4% of data breaches implicated internal employees (-13%)
58% of all data theft wsa tied to activist groups

How do breaches occur?

81% utilized some form of hacking (+ 31%)
69% incorporated malware (+ 20%)
10% involved physical attacks (-4%)
5% resulted from privilrge misuse (-12%)

What commonalities exist between breaches?

79% of victims were targets of opportunity (-4%)
96% of attacks were not highly difficult (+4%)
94% of all data compromised involved servers (+18%)
85% of breaches took two weeks or more to discover (+6%)
97% of data breaches were avoidable through simple controls (+1%)
96% of victims subject to PCI DSS had not achieved compliance (+7%)

There is no doubt we’ll be making more comment on this report once we’ve fully digested it. In the meantime, have a read of Verizon’s 2012 DBIR yourself here.

Verizon’s DBIR is a study conducted by the Verizon Risk Team with cooperation from Australian Federal Police Force Dutch National High Tech Crime Unit, Irish Reporting and Information Security Service, Police Central e-Crime Unit, and United States Secret Service.