Trends and traits of infamous data breaches

iStock_000019633342_SmallAs noted in October’s list of data breaches, over 140 million records were leaked. One of the biggest stories was the outage of some major sites such as Twitter, Spotify and Reddit. The outage was caused by a massive DDoS attack on Dyn, which is the DNS service that the above sites and many others use.

According to Verizon’s 2016 Data Breach Investigations Report, we can now assume that:

  • Breaches are a global problem

Verizon’s data strongly suggests that data breaches are emerging as a global phenomenon, regardless of the organisation’s sector, nationality or size. The UK and the US are not the only countries that need to watch out for cyber threats.

  • Many breaches go unreported

Most confirmed breaches happen in a matter of minutes or hours but aren’t discovered for weeks or months (if at all). That gap points to the simple fact that organisations can’t report what they don’t know. Additionally, many breaches, especially in the US, only come to light when the breach is discovered externally.

  • Cyber espionage is rare but usually serious

Only 0.4% of confirmed breaches are attacks by nation states, and the attacks are almost always to gather intelligence or to steal data.

  • Attacks through the Internet of Things are still in the early stages

Devices connected to the Internet bring obvious risks; Verizon hasn’t seen real-world attacks through the IoT yet, but they believe it’s only a matter of time before we a large-scale breach occurs.

  • Majority of successful breaches have been ‘easy’ for hackers to initiate

Most successful external attacks have been initiated by a simple phishing attack using a malicious attachment or link. Employees are often seen as the weakest link in a company’s security strategy because, no matter how much you have invested in processes and technology to fight cyber crime, it takes only a single click on a malicious link in a phishing email to jeopardise your whole company’s security.

Data breaches: how, what, why, where and when

To help you understand the trends and traits of data breaches, what they are, how and why they occur, and what you can do to avoid suffering a similar fate, take a look at these insightful titles: