Monday, October 4, 2010

External Threats in Data Breaches

This post references the Verizon 2010 Data Breach Investigations Report.

From 2004 to 2009, over 87% of approximately 919 million data records were compromised by external threats. I agree with the authors of the report in stating that this is one of the most powerful statistics in the paper. The harm caused by external threats is clearly the most costly to organizations. The more valuable the information an organization has, the more secure its network has to be, plain and simple. External threats in 2009 comprised 70% of breaches and 98% of records. Internal threats in 2009 comprised 48% of breaches and 3% of records.


The types of external threats and their percent of breaches include organized crime (24%), unaffiliated person(s) (21%), external systems (3%), activist groups (2%), former employees (2%), other organizations (1%), competitor (1%), customer (1%) and unknown (45%). Organized crime is the largest identified threat agent. This is not unusual, as organized criminals, located all over the world, have the resources to infiltrate networks and extract valuable data. Geographically, 21% of external breaches originate from Eastern Europe, including Russia. North America accounts for 19% of breaches and East Asia accounts for 18%. Unknown origination accounts for 31%. Interestingly, in 2009 Verizon cases, East Asia rose to the top spot for external breach origination, while a majority of the unknown origination is suspected of coming from East Asia.

The unknown category, in both external threat agents and external threat origination, is a result of breach victims not seeking out an answer to who or where their attack came from. This is often a purely financial decision, or the attacker cannot be identified. Most breach cases handled by the US Secret Service have a determined suspect and origination due to prosecution.


What does it all mean? Cyber-crime is not new. The number of external agents with the knowledge to access sensitive corporate data on "secure" networks is not shrinking. The constant battle to develop secure applications as old security is compromised will not end. Corporations need to be vigilant and consistently monitor network security and procedures to stay ahead of external threats.
