Errors blamed for 21 per cent of data breaches: Verizon report

Clumsy hands of employees continue to be the bane of CISOs according to the latest figures from the annual Verizon Data Breach Investigations Report.
Issued Wednesday, the report says 21 per cent of data breaches looked at last year were caused by errors. More worrying, system administrators as a source of accidental breaches are creeping up.

“While the rogue admin planting logic bombs and other mayhem makes for a good story,” says the report, “the presence of insiders is most often in the form of errors. These are either by misconfiguring servers to allow for unwanted access or publishing data to a server that should not have been accessible by all site viewers.”

As with previous reports, this year’s edition says the overwhelming majority of threats come from outside the enterprise — 69 per cent of the breaches looked at. Insiders — defined as employees — were behind 34 per cent of breaches, partners were blamed for two per cent, while five per cent involved insiders and partners.

One of the most comprehensive analysis of data from around the world, this year’s report looked at 41,686 security incidents from 73 contributors (including the FBI), of which 2,013 were confirmed data breaches. Verizon defines a data breach as a disclosure of data, not just a potential leak.

With security incidents showing no sign of declining, we asked Alex Pinto, head of research for the report what organizations aren’t learning.

“I think the most fair answer is sometimes it’s not so much that they’re not learning what they should be doing, because most of the recommendations from us would be pretty obvious — you should patch your servers, train your people so they don’t get phished. Getting those things done is the hard part,” he said, “Any of those things can be a multi-year effort for a large organization.”

“We try to give organizations a rough view of the landscape — it looks like in your industry is mostly being attacked by this — so if you want to do something to try to improve your security against the most likely thing that’s going to get you, we give you the cold, hard data … You can use this (report) to better decide on what to prioritize.”

Among the findings:
–15 per cent of breaches were caused by misuse by authorized users
–29 per cent of breaches involved stolen credentials
–56 per cent of breaches took months or longer to discover
–C-level executives are increasingly and proactively targeted by social engineering-related breaches
–compromise of web-based email accounts using stolen credentials (98 percent) is rising. It was seen in 60 per cent of attacks involving hacking a web application.
–one quarter of all breaches still associated with espionage.
–ransomware attacks are still strong, accounting for 24 per cent of the malware incidents analyzed and ranking second in most-used malware varieties
–discovery of cryptomining malware gets a lot of news, but in this report’s sample only accounted for roughly two per cent of incidents.


The report breaks incidents into nine classifications (crimeware, espionage, insider and privilege misuse, denial of service, payment card skimmers, point of sale intrusions, miscellaneous errors) and applies them across a number of sectors. The idea is to give CISOs in these industries insight into patterns and plan their defence strategies.

Get a copy of the full report here. Registration required.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now