Wednesday, March 21, 2012

Verizon: Hacktivists and Cyber-Criminals Run Amok

In 2011, the world experienced remarkable civil and cultural uprisings (Arab Spring, Occupy movement, etc.) as well as rising hacktivism in the online world.

Verizon's newly released "2012 Data Breach Investigations Report" traces the sharp rise in hacktivism as a major threat to governments and businesses, as well as increasingly sophisticated attacks by mainline cybercriminals who continue to refine their methods in penetrating specific economic targets.

The report, which used input from a variety of sources, including the United States Secret Service and other law enforcement authorities around the world, examined 855 data breach incidents. The number of compromised records across these incidents reached 174 million -- the second-highest data loss total since Verizon started keeping track in 2004.

Hacktivist groups are believed to be responsible for 58% of this data theft in 2011.

"With the participation of our law enforcement partners around the globe, the '2012 Data Breach Investigations Report' offers what we believe is the most comprehensive look ever into the state of cybersecurity," said Wade Baker, Verizon's director of risk intelligence. "Our goal is to increase the awareness of global cybercrime in an effort to improve the security industry's ability to fight it while helping government agencies and private sector organizations develop their own tailored security plans."

Professional cybercriminals remain focused on industrial espionage, and while reported breaches were less frequent, Verizon sees serious implications for the security of corporate data. Attackers continue to thwart or circumvent authentication by combining stolen or guessed credentials with backdoors (to retain access).

Some guidance from Verizon:

Recommendations for Enterprises

Eliminate unnecessary data. Unless there is a compelling reason to store or transmit data, destroy it. Monitor all important data that must be kept.

Establish essential security controls. To effectively defend against a majority of data breaches, organizations must ensure fundamental and common-sense security countermeasures are in place and that they are functioning correctly. Monitor security controls regularly.

Place importance on event logs. Monitor and mine event logs for suspicious activity - breaches are usually identified by analyzing event logs.

Prioritize security strategy. Enterprises should evaluate their threat landscape and use the findings to create a unique, prioritized security strategy.

Recommendations for Small Organizations

Use a firewall. Install and maintain a firewall on Internet-facing services to protect data. Hackers cannot steal what they cannot reach.

Change default credentials. Point-of-sale (POS) and other systems come with pre-set credentials. Change the credentials to prevent unauthorized access.

Monitor third parties. Third parties often manage firewalls and POS systems. Organizations should monitor these vendors to ensure they have implemented the above security recommendations, where applicable.

The 77-page report is available for downloading.