Tag Archives: attacks

Verizon Data Breach Study & SMB Factors

Verizon just released their 2013 Data Breach Investigations Report (DBIR).  It draws data from work done by several law enforcement agencies, incident-reporting groups, research institutions, and private security firms. It studies over 2,500 confirmed data breaches (representing more than 1 billion records).

Some observations from the report for all company sizes:

  • 75% of attacks were opportunistic, ie a specific company or individual was not directly targeted
  • Attackers consisted of activists, criminals, & spies
  • Of the cases of insider sabotage, 50% came from old accounts or back doors that had not been disabled
  • The vast majority of attacks (68%) were considered “Low” difficulty (meaning basic attack methods with little or no customization required)
  •  ‘Unapproved’ hardware accounted for 41% of misuse
  • It is taking longer to discover breaches, up 10% from 2012.  This means that the bad guy can operate at will for longer periods of time.

Some observations for small and medium sized businesses (employee count < 1000):

  • In companies less than 100 in size, retail had an exceptionally large exposure, followed by food services companies
  • 57% of attacks were from organized crime and 20% were state-affiliated
  • 72% of attacks were from hacking, 54% from malware, and 32% from social media
  • In 86% of the attacks, spyware or keyloggers were installed as a part of the attack
  • SMB’s are at higher risk for ransomware schemes
  • Desktop sharing was primary attack vector for hacking attacks for SMB’s
  • Email was primary vector for social attacks
  • Unapproved hardware contributed to misuse in 52% of cases in small & medium sized companies (compared with only 22% of large companies)
  • Point of Sale devices most often attacked information asset for SMB’s

2013 Data Breach Investigations Report

Executive Summary