A Data Breach or a breach of data security is an incident in which sensitive, proprietary or confidential information is viewed, stolen or used by unauthorized third parties. This form of crime can both cause damage of property for example, sabotaging computer systems. It can also lead to a violation of property rights, such as theft of source codes, customer data or other information. In addition, it could affect whole business systems of an enterprise level company. The most common scenario for a data theft is a hacker attack that penetrates into a company’s network.
The 2015 Data Breach Investigations Report by Verizon, which has been published annually starting 10 years ago, gives an insight into the growing number of cyber attacks affecting companies, organizations and governments. The study provides precise figures and discloses what data theft could cost. Last year 80,000 security incidents in 61 countries were registered, in 2,100 cases, these were attacks by cybercriminals. Compared to last year this represents an increase of 55 percent of successful attacks, with the total number of cases rising by 26 percent.
The most common types of cyber attacks
About 90 percent of all attacks by hackers carried out with the following:
- Human failure eg. sending out of emails to a wrong recipient
- Attacks to web applications
- Crimeware (different kinds of malware trying to take over the control over data systems)
- Misuse of data by insiders
- Physical theft of data or data loss
- Denial of service attacks
- Attacks on Point of Sale Systems
- Skimming of payment details: spying out of credit card details and numbers
Data Theft & Phishing still popular with hackers
In attacks by hackers on companies resulting in the theft of confidential data, most attackers use vulnerabilities in web applications. Often the access to the software was stolen previously by the cyber criminals or they use phishing methods to get it. The data theft by phishing attacks is very popular within the hacker community – and even more successful, when both methods are combined together. According to the study it is expected for large-scale phishing campaigns via e-mail that 23 percent of recipients read the message and another 11 percent even open the attachment. Particularly successful phishing seems to be in the communication, legal and customer service departments of companies – exactly where people generally handle large scales of email communications including email attachments. According to the study also the insider attacks increase compared to external attacks – particularly with regard to the theft of intellectual property.
Most common e-crime offenses
A KPMG study sheds light on the subject of cybercrime in companies. Compared to the preliminary study in 2013, respondents were significantly more likely to be victims of an e-crime. In the past two years, 40 percent of companies were affected by a cybercrime, in 2013 only 27 percent. This represents an increase of almost 50 percent. Financial Services have to deal most often with e-crime incidents. 55 percent of the representatives of this industry declared that they had been attacked at least once. In comparison to other segments where only 33 percent said that they were affected. Financial Services thus prove to be particularly attractive to potential perpetrators. The most commonly identified types of crimes, according to the KPMG study, are the following.
Computer fraud: Fraudulent actions taking advantage of information and communication technologies via manipulation of data processing systems or processes.
Spying or interception of data: Unauthorized recording, eavesdropping or monitoring of data which is in the transmission process (for example; email, instant messages, network traffic, IP telephone).
Manipulation of accounts and financial data: Unauthorized modification of account details and financial data in accounting or payment systems.
Data theft: Unauthorized acquisition of data.
Infringement of copyright: Breach of the rights of and exploitation of copyrighted electronic data (for example, creating an illegal copy and use of software programs and content of audiovisual media)
Breach of commercial or industrial secrets: Unauthorized appropriation and disclosure of confidential or secret company information and/or of business partners using information technologies.
System damage or computer sabotage: Disruption of data processing structures, for example by damaging or manipulating computers, networks or media.
Blackmail: Blackmail with threat of e-crime actions.
Data breach and e-crime have already come to the awareness of companies and users. Most respondents of these studies, however, have not yet been adequately addressing these issues. Most uncertainties exist with respect to the requirements in terms of cost and legal changes and compliance in the IT security area. One objective for companies should be to provide an acceptable balance between investment in prevention, detection and a sensible reaction to a data breach and/or cyber attack. Minimize the attack on the one hand and handle non-avoidable damage on the other hand. Primary considerations should be the creation of a sensible plan including actions and tools around risk disposition of businesses.
Author: Kathrin Brekle