Home » Topics » Cybersecurity » Crime rings behind 91% of data theft: report

Crime rings behind 91% of data theft: report

by Stefano Maruzzi

Cybercrime rings are responsible for many of the most successful security breaches last year, according to a report by forensic investigators for Verizon Business.

The report, which draws on metrics from 150 cases investigated last year by the forensic team, revealed that a staggering 91% of all compromised records were a result of activity by organised criminal groups.

The most ‘successful’ of these attacks were highly difficult attacks targeted against financial institutions, netting the cybercriminals 93% of the 285 million compromised records tracked by the team.

“That’s compared to a total of 230 million records compromised over the previous four years,” says Verizon’s forensics manager, Matthijs van der Wel.

The Verizon report also found that ‘highly difficult’ attacks – approximately 17% across the firm’s caseload – were responsible for netting 95% of the stolen data.

“The malware used in very difficult attacks is not typical. It is custom created and does things we previously only theorised about, like PIN block attacks (breaking the encryption used by banks to secure consumer PINs). We’re seeing these in real life right now,” says van der Wel.

22% of attacks originated from Eastern Europe while 18% came from East Asia. “We do have a great deal of evidence that malicious activity from Eastern Europe is the work of organised crime,” the report notes.

“In most cases, the immediate need is in containing the breach rather than rooting out the entities responsible, [although] we are happy to report that these efforts with law enforcement led to arrests in at least 15 cases (and counting) in 2008.”

The report also found fears of rogue employees stealing data – the so-called ‘insider’ threat – are generally overplayed.

“Results from 600 incidents over five years make a strong case against the long-abiding and deeply held belief that insiders are behind most breaches,” the report notes.

74% of breaches contained an external element and 32% involve partners (so-called ‘partial insider’ attacks’) but “only about 11% of all breaches were committed by an insider acting alone. The remainder of the breaches tied to insiders mostly involved employees as unwitting participants in the crime through errors and policy violations.”

Related Topics

Related Stories

Cybersecurity

How AI will shift the security landscape in 2024

The impact of AI within cybersecurity is expected to grow significantly this year, says Alex Holland, senior malware analyst at HP

AI & Machine Learning

NCSC releases guidelines for secure AI development

New guidance from the National Cyber Security Centre (NCSC) aims to help businesses securely innovate with AI and minimise risks

Cybersecurity

3 cybersecurity compliance challenges and how to address them

Earning those trust seals can strengthen relationships with board members and prospective customers, but it sure isn’t easy.

Cybersecurity

70% of UK firms reported cyber insurance changes in past year

According to research from Databarracks, seven in 10 UK businesses have seen changes to their cyber insurance in the past 12 months, as requirements rise