With the number of data breaches on the rise why are the amount of records stolen dropping?
Verizon recently released a report called the 2011 Data Breach Investigations Report (DBIR) in which it combines caseload information with the United States Secret Service. Although the number of records breached has dropped from a record high of 361 million in 2008 to 144 million in 2009 and even lower to only 4 million in 2010 the fact is that the total number of breaches occurring is rising. This could mean that smaller businesses are being targeted through different vulnerabilities than recent years.
Criminals Behind Bars Cause Others to Hide
Some would say that because many criminals were recently placed behind bars, including 1200 suspects arrested in '10, we are much safer. While others, mainly those involved in security, are thinking the reduction in records stolen is a combination of higher security but mainly a greater desire to remain out of jail. Many large scale cyber criminals have recently been placed behind bars, including Albert Gonzalez and Maksym Yastremskiy who were responsible for the 2010 payment card data breaches. With these spectacles of the law being known by hackers everywhere it may be that criminals are laying low.
Rather than targeting the higher risk companies who have more security and investigative power, cyber criminals seem to be targeting low hanging fruit. The statistics from Verizon's report show organizations with 11 to 100 employees have been breached more in 2010 than other company sizes. Approximately 436 breaches took place in this size bracket compared to the 323 breaches that took place in all other employee size brackets combined. This is most likely due to the fact that the level of security utilized by these institutions is much less extensive than that of larger corporations.
External Threats and Remote Access Security
It is great to know that employees and competitors are not the direct cause for data breaches. However with 98% of breaches originating from organized criminal groups and unaffiliated persons it is plain to see that remote access security is a dilemma. The top 4 types of attacks resulted from hacking and malware. Although mobile devices have been seen as the source of evil lately in essence it is the server that has been the target. This is not to say that mobile devices will not haunt our future security woes as they may soon become the target of cyber thieves.
In order to secure our privacy the problem lies in authenticating remote users. Anyone accessing the server should be an authorized user to prevent further deployment of malware. Furthermore with hackers creating programs for less skilled script kiddies to easily maneuver through security the need for remote access security will rise. These attacks that we have recently seen may just be groundwork that is being made for later attacks. By utilizing information from data breaches a hacker could create easy to use programs in which they can control many unskilled attackers from many locations to pull off a much larger breach of records.
By utilizing a two-factor authentication method to identify user's many hacking attempts would be thwarted. However in order to completely secure remote access the need for out-of-band authentication from a one-time password is rising greatly. With over 50% of breaches resulting from malware an out-of-band solution allows for authentication to take place without chance of being breached malicious software.
With new reports by Verizon and other companies being released constantly we can view the change and evolution of attacks. More importantly we can see trends which may lead to future attacks and prevent data breaches through preventative security measures.
Adam is a network security specialist who believes data breaches are cause by poor remote access security. By eliminating the weakness of a traditional password and utilizing 2-factor authentication that has an added layer of protection by using an out-of-band authentication method through a OTP.