The 2008 Data Breach Investigations Report spans four years and more than 500 forensic investigations involving 230 million records.
The report analysed hundreds of corporate breaches, including some of the largest ever reported.
Significantly, 90 per cent of known vulnerabilities the were exploited had patches available for at least six months prior to the breach.
The report found that 73 per cent resulted from external sources and 18 per cent from insiders, dispelling the myth that the majority of data breaches come from inside an organisation.
But the report also points out that most breaches resulted from a combination of events rather than a single hack or intrusion.
For example, 62 per cent were attributed to significant internal errors that either directly or indirectly contributed to a breach.
Thirty-nine per cent of breaches were attributed to business partners, a number that rose fivefold during the course of the period studied, reflecting the rise in collaborative e-commerce among businesses.
Of the breaches caused by hacking, 39 per cent were aimed at the application or software layer and 23 per cent were operating system platform exploits.
The findings show an increase in the number and type of international incidents. For example, attacks from Asia, particularly in China and Vietnam, often involve application exploits leading to data compromise, while defacements frequently originate from the Middle East.
IP addresses from Eastern Europe and Russia are commonly associated with the compromise of point-of-sale systems.
"As the world becomes more interconnected through IT, as enterprises aggressively seek global partnerships and as the laws governing the handling and disclosure of such incidents mature, it is likely that this upward trend of international data breaches will continue," the report says.
Data compromise is the easiest, safest and most lucrative way to steal the information necessary to commit identity fraud, according to the report.
The lucrative black market for stolen data enables criminals to work with one another to find vulnerable systems, compromise data and commit large-scale identity fraud.
Within this network, criminal conglomerates maintain access to hackers, fraudsters and other organised crime groups.
The retail and food and beverage industries account for more than half of all cases investigated. Financial services accounted for 14 per cent.
Data breaches 'easily' avoided
By Andrew Charlesworth on Jun 16, 2008 9:14AM