News
Report: Most Security Breaches Not Discovered Until Months After
Almost 60 percent of company breaches go unnoticed for months to years, according to a security report by Verizon.
The brief, titled "Verizon 2011 Investigative Response (IR) Caseload Review," studied 90 corporate data breach incidents, half occurring in North America and the other half split between Europe, the Middle East and the Asia-Pacific region.
While the full findings won't be published until later this year, Verizon has released this early brief to highlight some of its analysis.
According to the report, many of the late breach incidents were only known after a third party had contacted the victimized company.
"It is disheartening to say the least that an external party -- typically via fraud detection or customer notification -- detected over two-thirds of breaches," said Verizon. "While not encouraging, it is hardly surprising either when one considers that this statistic has ranged from 61 percent to 86 percent each year we've conducted our study."
The Verizon report also found that a breach caused by an "exploitation of default or guessable credentials" made up 29 percent of all observed attacks. Second on the list were backdoor exploits at 26 percent. Rounding out the top three at 24 percent were attacks occurring after specific passwords or credentials were stolen.
All three of the top attacks were classified as either a hacking or malware vulnerability, which Verizon points out are the only types of attacks that have constantly been on the rise since 2005.
However, the report points out that corporations' security strategy should not only focus on these two threat types.
"Let us be clear: the message to be received here isn't 'disregard all threats except malware and hacking,' but rather 'evidence consistently illustrates that data theft is perpetrated using these kinds of attacks,' said Verizon in the report."The wise organization will therefore identify its weaknesses with respect to malware and hacking threats and prioritize related defenses."
Verizon also found that 92 percent of corporate breaches studied were caused from an external source. It also pointed out that this finding goes against many other security firm analyses that say a majority of breaches are caused from internal sources.
"I think that's a bit of a myth in the security community," said Wade Baker, director of risk intelligence at Verizon Business. "There's fewer people inside of an organization than there are outside and I think it stands to reason that, by the numbers, we will have more external incidents."
Look for Verizon's complete report later this year, which will also factor in data and analysis from international law enforcement agencies and security firms.