Now, nearly every data breach leaves a lingering, if not lasting, imprint on an enterprise.
The second annual Verizon data breach report found that the human element is again front and centre this year.
Humans continue to play a significant role in data breaches and cyber security incidents, fulfilling the roles of threat actors, targeted victims and incident response stakeholders.
The report outlines 16 case studies from the perspective of the 500 real-world security incidents investigated by Verizon’s RISK team.
The case studies cover a wide range of cybercrime tactics, including hacktivism, insider threats, IoT device takeovers, DDoS attacks, cloud-related incidents and many more.
IoT breach on a university campus
Here, hackers gained control of every IoT device deployed across a university campus, turning connected streetlights and vending machines into a botnet army and bringing network connectivity to a standstill for students in the process.
Cloud security failure
The compromise of an e-commerce system, in which hackers planted a bogus form in the checkout page to capture customer card details.
During the forensics process, the retailer learned that its web developer had enlisted the services of a low-cost cloud provider in India, which was storing its customer data on servers in Malaysia in breach of data protection.
Half a million in refunds stolen from regional water supplier
A malicious third-party insider accessed customer accounts with refunds due, altering their bank details so the payments were redirected to fraudulent accounts in England, subsequently stealing £500,000.
Video gaming DDoS
One of the biggest DDoS attacks, launched against a gaming company during the launch week of a new product, prevented access for genuine gamers.
Smartphone app breach
An opportunistic attack compromised a travelling CSO’s smartphone by exploiting vulnerabilities in a popular VoIP app that is susceptible to code injection attacks, when the user had connected to an insecure free public Wi-Fi hotspot.
“Data breaches are growing in complexity and sophistication,” said Bryan Sartin, executive director of the RISK Team at Verizon Enterprise Solutions.
“In working with victim organisations, we find that breaches touch every part of an organisation up to and including its board of directors. Companies need to be prepared to handle data breaches before they actually happen in order to recover as quickly as possible. Otherwise, breaches can lead to enterprise-wide damage that can have devastating and long-lasting consequences such as a loss of customer confidence or a drop in stock price.”
“The Data Breach Digest is designed to help businesses and government organisations understand how to identify signs of a data breach, important sources of evidence and ways to quickly investigate, contain and recover from a breach,” added Sartin.
The report also highlights the modes through which a data breach might occur.
Under the human element, it suggests that partner misuse or a disgruntled employee are factors in compromising security systems.
Conduit devices in the form of mobile and IoT can also be a route through which attackers compromise a system.
Some cyber criminals exploit configuration systems, via the cloud or through a DDoS attack.
Finally, malicious software, like crypto malware or unknown ‘viruses’, contributes to data breaches.
This year’s report also points to five actions an organisation should take in the aftermath of a breach:
- Preserve evidence; consider consequences of every action taken.
- Be flexible; adapt to evolving situations.
- Establish consistent methods for communication.
- Know your limitations; collaborate with other key stakeholders.
- Document actions and findings; be prepared to explain them.