This year, Digital Edge served as a contributor for Verizon’s Security Breach report by providing details and our analysis of our client’s breach reports (Note: None of our Client Confidentiality was Compromised. The Report Contains Attempts that were either Unsuccessful or Diverted by the Digital Edge Security Team). Every year they analyze and highlight security information of many companies to the public. This report generally includes the amount, the types and the success rate of the attacks; which is used in order to provide information and raise awareness of this ever-growing issue. Digital Edge analyzed the types of vulnerabilities, as well as, kept record of client uptime and recovery period. This is all elaborated upon in the Security Breach Report on a broader spectrum, combining our information with other contributors. Reporting internal data to Verizon is not mandatory, these statistics only portray those breaches which have been voluntarily recorded therefore statistical trends are valid and extremely interesting.
From the general reports, the most targeted are financial organizations which accounted for about 24% of the attacks. It is no surprise, that Financial Organizations accounted for the majority of those targeted, with 73% of total breached being financially motivated - extortion being the primary goal – using malware installed via corrupt email attachments.
A major key to point out in these exploitations is that they happen within hours or even minutes; however, identifying and fixing the problem can take days. Systems are built very securely now which make it difficult for a hacker to invade; however, once they get in it is very easy for them to extract a lot of information very quickly. From the IT stand point, once breached, it can take a while to identify, heal and recover from the damage that was done. Although this is an area of concern, the process of mending the vulnerability is developing and becoming faster. Digital Edge works hard to keep this recovery time period as short as possible and to get clients back on their feet as quick as possible.
From the report, we compiled a list of industries surveyed on the amount of attempted attacks versus successful attacks. The percentage shows the approximation of successful attacks on the industry (note: these are not 100% accurate because the sample sizes are very different and not all industries are mandated to report) which gives us information of how industries are protected. Financial industries are leading targets; and although the success rate is 47%, it decreased from 58% last year, showing improvement on their security system. Generally, the percentage of success lessened compared to last year’s reports even though some are still alarmingly high. Many things can factor into this, however, security systems are improving and making it harder for hackers to get in.
Below is the full table of industries, attacks attempted, successful attacks, and the percentage, as previously mentioned:
|Department||Total Attempted Attacks||Total Breaches||Percentage of Successful Attacks|
Digital Edge feels that IT departments need to focus on strengthening the security process so it has a faster recognizing and recovery rate. This can help prevent intruders and protect important company information; as well as bring down the success rate of attacks.
It should also be noted that breaches that happened years ago could still have vulnerabilities that can be exploited to do more damaging. This can be extremely dangerous since the original breach that happened a while ago, could still pose a potential threat.
Overall, we believe that there are 3 factors that IT professionals should be concentrating on at this time:
- Visibility. With the tools such as Big Data, more information can be collected and be available for alerting, in addition to analysis.
- Security Intelligence. The security information collected with big data tools should be aggregated and enriched by Structured Threat Information through STIX/TAXII mechanisms for alerting, automatic decision making, as well as future analysis.
- Analysis. Security Event and Incident Management Systems should allow CIRT (Computer Incident Readiness) to analyze incidents quickly.
We suggest that everyone reads the full report.
Verizon is doing an excellent job collecting these statistics and compiling the data to help keep all of us informed.