Comments
With opportunistic people looking primarily to make money, it's best we don't underestimate cyber attacks; instead look for tips to stay safe,” advises Mark Goudie, Managing Principal – Asia Pacific, Investigative Response, Verizon Business.
Sharing the company's latest (2011) Data Breach Investigation Report (DBIR), with eWorld, he says the findings “show that the total number of breaches touched an all-time high in 2010 while data loss through cyber attacks took a sharp dip during the same period.
The number of compromised records (involved in data breaches investigated by Verizon and the US Secret Service) dropped from 144 million in 2009 to 4 million in 2010, representing the lowest volume of data loss since the report's launch in 2008.”
The key findings showed that large-scale breaches had dropped dramatically while small attacks surged; outsiders were responsible for most data breaches contrary to the malicious-employee stereotype; physical attacks such as manipulating credit card devices at ATMs, gas stations and point of sale terminals were on the rise; hacking and malware continued to be the most popular attack method; and stolen password and credentials moving out of control.
Commenting on the findings, Goudie says “opportunistic people seem to be primarily looking to make money. This year, we witnessed highly automated and prolific external attacks, low and slow attacks, intricate internal fraud rings, countrywide device-tampering schemes, cunning social engineering plots and more. And India is very much a country where data breaches are happening,” he told Business Line.
The report also found that outsiders were responsible for 92 per cent of breaches and this is said to be largely due to the huge increase in smaller external attacks.
Stating that cyber criminals are shifting to smaller, more opportunistic attacks rather than difficult, large-scale attacks to successfully penetrate organisations, Goudie cautions businesses and consumers about remaining vigilant in implementing and maintaining security practices.
The report has recommended that enterprises use simple, essential security practices such as focusing on essential controls since enterprises, by and large, make the mistake of pursuing exceptionally high security in certain areas while almost completely neglecting others. “Businesses are much better protected if they implement essential controls across the entire organisation without exception; eliminating unnecessary data and securing remote access services, among others,” the report says.
Comments
COMMENT NOW
Comments
Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.
We have migrated to a new commenting platform. If you are already a registered user of TheHindu Businessline and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.