When Cyber Attacks

The good news from a soon-to-be-released study of data breaches in 2011 is that fewer of them are originating within the affected enterprises. The bad news is that external attacks are definitely on the rise.

By Ara Trembly

Malware and hacking were the most common attack vectors in data breaches that occurred in 2011, according to a preview of the 2012 Data Breach Investigations Report from Verizon, said eWeek. The full report will include information about more than 850 data breaches in 2011, said Verizon, which investigated about 10 percent of the incidents. That information was combined with data gathered from five law enforcement agencies, including the U.S. Secret Service.

While retail?both online and traditional?hospitality and financial sectors suffered the most incidents in 2011, information and manufacturing industries lost the largest amount of data, measured in the number of records compromised, said the eWeek report. It is worth noting that insurance is most definitely linked to the financial sector and is itself an information-intensive industry. Nevertheless, it is very tempting to conclude that since carriers and brokers are not among the most frequent targets of cyber-criminals, we have very little to worry about.

Avoid a Legal Black Hole (04/12/13)
Technological Obsolescence (05/01/13)
Part 3: Big Data Masters (04/12/13)
Defending Your Networks (04/12/13)
Excess and Surplus At the Ready (04/12/13)

However, when one considers the kinds of information often stolen in such attacks?including personal identifying information?one quickly realizes that insurance databases are full of such data and ripe for the picking. Add to that a traditionally lax posture in our industry with regard to cyber-threats and vulnerability, and we have a recipe for disaster. We should never forget that even seemingly harmless details of an individual's life could ultimately be used in combination with other data to steal that person's identity, not to mention his or her assets.

Financial gain is the main motivation for cyber-attacks, according to the report. While organized crime was responsible for a majority of incidents, online protests, other forms of "hacktivism" and disgruntled ex-employees also caused significant damage.

External attacks continue to rise, with 92 percent of incidents fitting this category, as opposed to the 80 percent figure for externally generated breaches recorded between 2004 and 2007. Verizon found that hacking and malware played some role in nearly all of the incidents, said eWeek, which cited the remote access, automation and easy getaway that go with such methods.

The threat posed by automation cannot be understated. Schemes that once required a significant amount of time and brainpower can now be automated to the point where the criminal need only activate the malware or other hacking means, then sit back and watch the illegally-gotten information pour in. It is also important to note that hacking tools are readily available on the Internet?and they have been simplified to the extent that utilizing them is hardly rocket science. No, I won't tell you where you can find those tools, but the sad fact is that it isn't all that difficult to locate them.

Organizations are still taking a disturbingly long time to detect that they have been compromised. While it takes attackers a very short time to breach a network and steal data, nearly 60 percent of the incidents were detected months or years after the fact, Verizon found. In addition, even after a company is aware of the unauthorized access and theft of data, many companies are loathe to alert anyone?including their customers whose information has been stolen. The phrase "PR nightmare" comes to mind.

ARA TREMBLY is founder of The Tech Consultant and The Rogue Guru Blog. He can be reached at riskletters@lrp.com.

April 13, 2012

Newsletter Sign-up