We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,258 News Articles

90% of hack attacks caused by organised crime

More data stolen in 2008 than past four years

According to research, organised crime is behind 90 percent of all hacking attacks, and hackers stole more data last year than in the previous four years.

In its 2009 Data Breach Investigations Report (DBIR), Verizon investigated 90 data breach cases that exposed a 285 million records, which is equivalent to nine records per second. This figure is far greater than the 230 million records recorded as breached in the five years combined from 2004 to 2008.

The study looked only at breaches involving attacks that resulted in compromised records being used in a crime. Verizon Business found that organised crime was behind 90 percent of all breaches which involved compromised records.

Market saturation has driven down the price of credit card details on the black market. Details that were valued at around $10 to $16 per record in mid-2007, are now sold for less than 50 cents per record today.

As a result, personal identification numbers (PIN) fraud has exploded as criminals are targeting financial firms to steal PINs and together with associated credit and debit accounts. Financial firms accounted for 93 percent of the over 285 million records compromised.

"Financial services firms were singled out and fell victim to some very determined, very sophisticated, and - unfortunately - very successful attacks in 2008," said the report.

The report also found most data breaches originate from external threats, rather than internal, with 74 percent of breaches caused by external sources.

Hacking is the leading cause of data breaches for the fifth year running, involved in 94 percent of cases that led to breached records. Malware was involved in over one-third of the cases investigated and contributed to nine out of 10 of all records breached. SQL injection was the favourite type of attack, used in 79 percent of cases were records were compromised.

But most breaches resulted from a combination of events rather than a single action, the report found, with 64 percent of breaches attributable to hackers using a combination of methods.

Matthijs van der Wel, manager principal forensics EMEA, at Verizon Business Security Solutions, outlined the typical scenario for data losses.

"The end user makes a mistake. The attacker takes advantage of some mistake committed by the victim company, hacks into the network, perhaps using an SQL injection attack, and installs malware on a system to collect data."

Van der Wal added that nearly nine out of 10 breaches were avoidable if security basics had been followed.

Computerworlduk.com


IDG UK Sites

Best Christmas 2014 UK tech deals, Boxing Day 2014 UK tech deals & January sales 2015 UK tech...

IDG UK Sites

Apple's 2014 highlights: the most significant Apple news of 2014

IDG UK Sites

Watch this heartwarming Christmas short by Trunk for composer John Rutter

IDG UK Sites

Ultimate iOS 8 Tips: 35 awesome and advanced tips for using iOS 8 on iPhone and iPad