2. Data collection methodology
Publication includes only incidents involving confirmed data compromise
90 data breach investigations
Verizon Enterprise Risk and Incident Sharing (VERIS) framework to record case data
• https://www2.icsalabs.com/veris
3. Demographics
Industries that lost the largest amount of data
1) Information and Manufacturing industries
2) Financial sectors
3) Accommodation and Food Service
Size of organizations
Ranged from fewer than 100 to over 100,000 employees
4. Threat Agents
VERIS recognizes three categories of agents
1) External
2) Internal
3) Partner
Motives
1) Financial gain
2) Hacktivism (acts of protest and retaliation)
3) Disgruntled former employees
Geographic origin of attacks
1) EMEA
2) Americas
3) APAC
7. Threat Actions 2
99% of all stolen data involved the use of some form of hacking and malware
Social tactics: half of all data loss
8. Threat Actions 3
Hacking and malware lead the field of data compromise because they afford the attacker many advantages, including:
Remote access
Relatively easy automation
Anonymity
Easy getaway
9. Top 10 threat action varieties by number of breaches that occurred in 2011
11. ASSETS 2
What to steal?
Data
Payment cards
Personal information (PII)
Authentication credentials
Trade secrets
Copyrighted information
12. Timeframes and methods of breach discovery
Time it took organizations to discover they had been the victim of a breach
• In 60% of cases it took months or years to figure this out
• Discovery
An external party detected over two-thirds of breaches
16. About XFORCETEAM
XForceTeam is an independent group of researchers whose work is mainly devoted to issues of Malware Analysis and Network Security Monitoring and their diffusion through video tutorials and screencasts.
17. XFORCETEAM
Contact us:
xforceteam@webprog.net
www.xforceteam.com
https://twitter.com/XForceTeam
http://www.facebook.com/pages/XForceTeam/353616747996041
http://www.youtube.com/user/WebProgNet
and more …