Huawei and Commvault jointly launch the Hybrid C... » Huawei and Commvault have released their Hybrid Cloud Backup Solution at CeBIT 2017, currently takin... MOBOTIX brings innovation and partnerships to ISC ... » During ISC West from the 5th to 7th of April at Sands Expo in Las Vegas, NV, MOBOTIX (stand 16065), ... ST. MICHAEL'S OPENS DOORS WITH HELP FROM ERA » David Stapleton and Era’s Tania Tams with Mrs. Grundy and pupils at St Michael’s First School Vig... 17% growth ensures Nationwide Platforms remains wo... » Nationwide Platforms has once again retained its position as the world’s largest IPAF provider after... Le Pen Seeks Anti-terrorism Operations in Chad...B... » "Well, Marine Le Pen may be able to save France from abroad. But hold on for a minute, do you really... Synectics to showcase urban transport surveillance... » David AindowUrban transport networks are in danger of data overload. Guarding against emerging secur... TomTom Telematics collaborates with SOTI » TomTom Telematics has announced a collaboration with SOTI that will see the company’s popular flag... Dimension Data launches support and managed servic... » London, United Kingdom: Dimension Data has extended its current offering with Cisco Meraki. This inc... LOCKEN ANNOUNCES STRATEGIC COLLABORATION WITH ISEO » Leading developers of cable free access control, LOCKEN and ISEO Group, an Italian based designer,... Sopra Steria finds UK citizens want more secu... » London: Sopra Steria has revealed that UK citizens are keener than ever to use digital public servic...

CLICK HERE TO

Advertise with Vigilance

Got News?

Got news for Vigilance?

Have you got news/articles for us? We welcome news stories and articles from security experts, intelligence analysts, industry players, security correspondents in the main stream media and our numerous readers across the globe.

READ MORE

Subscribe to Vigilance Weekly

Information Security Header

File Server Risks, A Look Into Verizon's Data breach Investigation Report 2013

This year Verizon’s database grew substantially from 855 confirmed data breaches to more than 47,000 reported security incidents and 621 confirmed data breaches. While the basis for most of the statistics presented in the report is the 621 confirmed data breaches, statistics for all 47,000+ incidents are also provided. This year the RISK team decided to analyze the dataset of breaches by attack motive; state-affiliated espionage, financially motivated crimes, or activism. Looking at data breaches through this prism sheds light on several points worth mentioning.

“AM I A TARGET FOR ESPIONAGE?”

As stated in the report - “Who wants my proprietary info?” is probably a better question than “Am I a target of espionage?” Every organization has some form of proprietary or internal information it wants to keep private. This information, which is almost always tied to an organization’s competitive advantage, is inevitably of interest to someone, somewhere. As the DBIR report clearly demonstrates, everyone is a potential target for data theft regardless of the type and size of the organization, or the specific motivation of the attacker.

RAISING THE BAR

In about 70% of the data breaches the actual theft (credential and data) require few resources and little expertise – feasible with automated tools and scripts; basic methods that need no customization. Placing security measures around the data center will easily raise the bar on the required resources and the minimum level of expertise required by the attacker, thus reducing the impact of the initial compromise. The DBIR 2013 still supports the common truth that organizations do not detect breaches on their own, but rather are informed of them by an external third party. Furthermore, in many cases this detection is accidental, stumbled upon while investigating something else, and the alert is merely a courtesy.

MISSED OPPORTUNITIES

Lack of visibility into attacks and malicious activity allows attackers to operate undetected for months. While the window of time available to detect the initial compromise is very small (seconds to minutes) and such compromises leave little-to-no evidence, the window of time available to detect malicious data access and exfiltration is much larger (hours to months). This is due to the time it takes for an attacker to explore the network, locate relevant systems, exploit those systems, and then collect and exfiltrate the data.

READY, AIM… SHOOT!

There’s a clear correlation between threat actor motives and the variety of data compromised. Unsurprisingly, the financial criminal’s motives are payment and personal information - information that can be easily monetized. The state-affiliated espionage motives however, tend to be trade secrets, internal organizational data, and system information, while hacktivists focus on personal information and internal organizational data. Despite the difference in end game, or motive, all three attackers must first acquire credentials in order to successfully breach the data they desire