In this post, we give you an insight into data breach – a point-blank catastrophe that looms over most organizations.
What is Data Breach?
Data breach occurs when confidential data of an organization is lost or illegally obtained by miscreants for financial gains or another purpose. A data breach can have a paralyzing effect on any organization in the form of impaired operations, lawsuits, customer loss, and brand erosion to name a few.
Based on a study conducted in cooperation with 65 organizations, the 2017 Verizon Data Breach Investigation report presents the following sets of statistics:
Who’s behind data breaches?
• 75% of data breaches are caused by external threats (outsiders)
• 25% involved insiders
• 18% were state-sponsored
• 3% features multiple parties
• 2% involved partners of the affected organization
• 51% of the breaches were the result of organized cyberattack campaigns
The report further delves into the type of businesses who had their data breached – 61% of the victims are firms with under 1000 employees.
Furthermore, 95% of phishing attacks that caused a data breach were followed by some sort of software installation.
The motives behind data breach?
Motives that drive criminals to initiate data breach attacks are diversified. Top motives in a descending order are:
- Financial gain
- FIG (fun, ideology, and grudge)
- Other (errors, glitches, etc.)
93% of data breaches are brewed by financial interests.
Who are the Victims?
There is this common belief that small organizations are too small to attract hackers’ attention. But, this belief is purely a misconception and probably, a dangerous one too. No industry, big or small, is spared from such information security threats.
As quoted by the 2017 Verizon Data Breach Investigation report,
• 24% of breaches affected the financial industry
• 15% involved healthcare
• 12% of the victims included the public sector
• 15% accounted for retail and accommodation
Tactics used by attackers for staging data breaches
- In 81% of data breach incidences, criminals used stolen (or weak) passwords
- 62% involved hacking techniques
- 51% used malware for stealing data
- 43% leveraged social engineering tactics
- 14% involved misuse or abuse of privileges by people within the organization
- 8% featured physical actions
What can be done?
With diverse motives that miscreants have behind data breaching, we cannot ignore the evolving nature of the threat landscape. Threats are becoming advanced, persistent, and particularly, more targeted than ever. Thus, evaluation of the threat landscape and adopting a methodical approach should form the core of the counterattack strategy.
But at the same time, formulating a data protection strategy also depends on what organizations want to protect; the type of data, its sensitivity, what are the odds of the data being targeted by criminals, and so on. In other words, one cannot have a fixed protocol or standards for information security. Otherwise, it would be like prescribing a one-pill-cures-all-illnesses treatment plan.
One rational approach could be using multilayered protection. It’s like putting up a barricade surrounding your property and then securing your windows and doors and chimneys too, if you will.
Employing a reliable unified threat management (UTM), coupled with endpoint security solutions, can give organizations what they need to reduce the risk of data breaches. However, it would not be practical to label such measures as a ‘foolproof’ system to deal with such threats. As mentioned, it all depends on what organizations intent to protect, their understanding of the current threat landscape, and up to what extent they can go to secure their infrastructure.