Almost 90 percent of security incidents in the retail sector involved denial of service attacks, crimeware, or point-of-sale intrusions. Attackers were often able to compromise systems and walk away with data in days or less. But in over 50 percent of cases, it took retail organizations months or more to discover a breach had occurred.
In over 50 percent of cases, it took retail organizations months or more to discover a breach had occurred.
This year, the Verizon 2015 Data Breach Investigations Report (DBIR) is again based around the nine incident classification patterns identified in our 2014 report. Just three of these patterns—denial of service (DoS) attacks, crimeware, and point-of-sale (POS) intrusions—account for the vast majority (88 percent) of all security incidents experienced by retail organizations. If we look at breaches where data was disclosed, the majority involved POS attacks.
The first step to tackling data security is to understand the nature of the threats that you face. The DBIR helps you do this by providing you with detailed analysis of almost 80,000 incidents, including 2,122 confirmed data breaches—our biggest-ever dataset. To follow are highlights from the 2015 report.
New Opportunities Have Emerged
You’re probably looking at mobile and the Internet of Things (IoT) to provide more efficient ways of doing things and create new revenue opportunities. But does this leave you more open to attacks on your data and systems? We looked at the threats posed by mobile malware and the growth of the IoT.
Familiar Techniques Are Still a Threat
There were around 170 million malware events across all organizations last year. Seventy-90 percent of those were unique to a single organization. Hackers now routinely introduce simple modifications to the code each time they use it. This changes the identifying signature that traditional anti-virus products look for, enabling the malicious code to get through and compromise systems.
Old Vulnerabilities Remain Open
We found that 10 vulnerabilities accounted for almost 97 percent of the exploits in 2014. The remaining 3 percent consists of 7,000,000 other vulnerabilities. Most attacks exploited known vulnerabilities where a patch has been available for months, often years. Of the vulnerabilities detected in 2014, we found more dating back to 2007 than from any year since.
Adding Up the Costs
Organizations are constantly asking us to put a figure on the cost of breach to help them demonstrate the value that they are delivering and justify their data security budgets. This year, for the first time, the DBIR estimates what costs you can expect to incur if you fail to protect your data. We’ve spent time developing a new approach to estimating the costs of breach. Unlike other models, we believe our approach provides more reliable figures for breaches involving over 100,000 records.
Time to Discover an Incident
Data was compromised in days or less in over 80 percent of cases—in over 40 percent of cases, it took just minutes or less. But organizations typically took months to discover there had even been a breach. In 70 percent of cases, it took retail organizations weeks or more to discover a breach; in over half, it took months. Most breaches continue to be discovered by external third parties or by Common Point of Purchase fraud algorithms that can take time. The better news is that once discovered, organizations were able to contain almost half (47 percent) of the breaches in days or hours.
How Can Verizon Help?
Verizon puts its unique security insight to work every day in the solutions it provides. The products and services that can help you guard against the security threats include:
- DoS Defense Detection and Mitigation service analyzes your traffic at the network level and looks for anomalies. As well as alerting you, it can automatically mitigate an attack, helping prevent malicious traffic from reaching your network. The Verizon scale means that we can deal with even the largest attacks.
- PCI Compliance consultants have a wealth of industry knowledge, so they can appreciate your challenges and make recommendations about both IT and business process transformation, to help protect your POS environment.
- Application Vulnerability Scanning services are a software-as-a-service (SaaS) offering that enables you to identify vulnerabilities in web applications, before they’re exploited.
(Photo via istockphoto/Leylaynr)
For a daily dose of what’s new and next in Dallas-Fort Worth innovation, subscribe to our Dallas Innovates e-newsletter.