Threat Report Urges Focus on Attack Patterns

Threat Report Urges Focus on Attack Patterns

Threat Report Urges Focus on Attack Patterns

Profile of Victims 38% of breaches targeted larger organizations, 37% of breaches affected financial organizations, 24% of breaches occurred in retail stores or restaurants

Two themes emerge from Verizon's "2013 Data Breach Investigations Report." First, a substantial increase in the number of partners that contributed threat data—18 cyber-enforcement entities from around the world, up from just four a year earlier—appears to have brought more balance to the findings. Second, there are stronger patterns behind security breaches than previous reports had indicated. Specifically, more than two-thirds of all breaches investigated by Verizon fell into one of three categories: physical attacks on automated teller machines (ATMs); penetration techniques such as phishing, malware and hacking; and point-of-sale "smash-and-grab" attacks. "While some may argue that we are dealing with an intelligent and adaptive adversary, the data tells us that adaptation isn't necessary for many of these attackers," the report's authors write. "Treating our adversaries as random and unpredictable is counterproductive. We may be able to reduce the majority of attacks by focusing on a handful of attack patterns." The data set for this year's report represents more than 47,000 reported security incidents in 27 countries, including 621 confirmed data disclosures, 421 of which fell into one of the above-mentioned categories.

Tony has been writing about the intersection of technology and business for more than 20 years and currently freelances from the Grass Valley, Calif., home where he and his wife are raising their two boys. A 1988 graduate of the University of Missouri-Columbia School of Journalism and regular contributor to Baseline since 2007, Tony's somewhat infrequent Twitter posts can be found at http://twitter.com/tkontzer.
eWeek eWeek

Have the latest technology news and resources emailed to you everyday.