Data breaches easily prevented - report
And often undetected for months
The vast majority of information security breaches might have easily been prevented, a study has concluded.
An analysis of 500 forensic investigations, collectively involving 230 million compromised customer records, by Verizon Business also found that three in four (73 per cent) of the breaches stemmed from external attacks, compared to 18 per cent that were blamed on insiders. The finding runs counter to the convention wisdom that misbehaving internal employees pose a bigger threat than hackers or other external sources. Two in five security screw-ups (39 per cent) were lammed on business partners.
Most breaches happened as a result of a cascading sequence of events rather than a single gapping hole. In three in five cases (62 per cent) internal errors contributed to breaches.
Nine out of ten breaches attributed to hacking attacks took advantage of a vulnerability for which a fix was available at least six months prior to an attack. Assaults on application, service or software layers were more common than assaults on operating system bugs.
Verizon's 2008 Data Breach Investigations Report also found that three in four breaches were discovered by an external organisation rather than the victims of attacks. In many cases data spills went undetected for extended periods.
The food and beverage industry accounted for more than half of the incidents investigated. The financial services market, where breaches carry higher inherent risk, accounted for 14 per cent of the cases.
The study found hacking is going international, with geographical areas of expertise emerging. Attacks from Asia, particularly China and Vietnam, often involve application exploits. Attacks on (presumably networked) point-of-sale systems often come from IP addresses in eastern Europe and Russia.
Its no surprise that the study concludes that the motives behind most of the attacks are financial. "Data compromise is the easiest, safest and most lucrative way to steal the information necessary to commit identity fraud," Verizon Business concludes. The growing black market in customer data creates an additional source of illicit income for miscreants. Verizon reckons hackers often pool resources in their efforts to attack vulnerable systems.
Verizon's report is available here (pdf). ®