A shift in cyber-criminals’ focus from attack quantity to quality is ominous sign for 2016 says Peter Smith, pictured, Regional Sales Manager for Europe at Netwrix, an IT and compliance product firm.
One of the first published statistics about cyber breaches for the whole of 2015 is that the number of compromised records fell, that’s right, fell, from 295 million in 2014 to less than 198 million last year. The Chronology of Data Breaches study by Privacy Rights Clearinghouse also reveals that the number of companies experiencing a data breach in 2015 reduced by 44 per cent from 2014. Yet 2015 was arguably the worst ever year for cyber breaches. UK customers have not yet recovered from shock after breaches at such well-known companies as British Gas, JD Wetherspoon, Moonpig, TalkTalk and Vtech compromised the personal data of many hundreds of people. Furthermore, security experts are still assessing the actual damage for 68pc of data breaches, so the final tally in terms of compromised accounts is very likely going to be a lot higher.
What’s the reason for this? Quite simply the pattern is for cyberattacks to be more targeted and sophisticated. Their success rate is rising. There is more damage but with fewer attempts. Previously cyberattacks were focused on organizations handling large amounts of customer financial data such as major retailers and banks. The events of 2015 show that cyberattacks are now aimed at personal as well as financial data and are an equal threat to all companies, regardless of their size or industry sector. At Netwrix we have picked out five patterns of cybercrime that were the most common root cause of security incidents in 2015. The data breaches listed below are ranked by the number of reported cases and point to the security threats that will require the most vigilance in 2016.
1.Hacking or malware. Malware and electronic entry by an outside party remained the leading cause of data breaches for the second year in a row. Overall, 92 registered cases occurred because hackers gained unauthorized entry into a company’s systems via Web app attacks, spyware, social engineering and Trojans. This includes the lion’s share of all customer data compromised (around 195 million records).
2.Portable devices. The second most frequently reported type of cybercrime was the unauthorized access to information stored on portable devices, including laptops, smartphones and external hard drives. Overall, 28 security incidents investigated to date resulted in the loss of over 20,000 sensitive data records this year.
3.Unintended disclosure. The human factor is still a serious issue for data security. More than 38,000 records were exposed in 26 incidents due to employees’ errors, such as misdirected emails and confidential information accidentally posted on companies’ websites.
4.Insider misuse. Company employees or contractors with legitimate access to sensitive information posed a threat to data integrity in 11 cases. Despite the relatively small number of incidents, insiders caused significant damage and compromised more than 600,000 customer records.
5.Physical loss. Lost, discarded or stolen, non-electronic assets with sensitive information (eg. paper documents), as well as card skimming and theft of stationary devices, became the root cause of data leaks in five cases, resulting in the loss of 1100 records.
In summary
Although 2015 saw fewer security incidents than expected, the actual damage from data breaches rose substantially. Equally disturbing is the fact that investigations into more than half of all breaches are still in progress so the full extent of damage is not yet known. The huge number of compromised records is an ominous sign for the year ahead. It shows that security measures still lag behind highly motivated intruders who are continually evolving their main cybercrime threat patterns. To successfully counter these threats organisations need a new cybersecurity mindset that combines conventional perimeter protection with deep network visibility to gain better control over the IT infrastructure and minimize the risk of data loss.
About Peter Smith
Peter is Regional Sales Manager for Europe at Netwrix, a supplier of IT auditing software. Peter’s career in European sales management began in the mid-1990s since when he has acquired experience in channel relations and in new business sales while working for a number of start-ups and IT security brands.
