iTnews
  • Home
  • News
  • Technology
  • Security

Organised crime behind 85 per cent of all data breaches

By Dan Worth on Jul 28, 2010 12:47PM

Verizon Business report finds more data being lost than ever before.

Organised crime accounted for 85 per cent of all data stolen in external attacks on companies, according to a report carried out by Verizon Business in conjunction with the US Secret Service.

The 2010 Verizon Data Breach Investigation Report used confidential information logged on the Verizon Incident Sharing Framework (PDF) alongside information provided to the Secret Service.

The figures also found a larger amount of data being lost within organisations than previously noted, but external attacks remain the number one way in which data is stolen with 69 per cent of all breaches.

"By adding our data to the Secret Service's, we were able to build up a better picture of data breaches, with many results found to be the same as earlier reports," said Matthijs van der Wel, managing principal for the forensics team at Verizon.

"The data we have now gathered, from both the US and worldwide, provides organisations with a clearer insight into the threats they face, and information on where they need to protect themselves against these risks."

Van der Wel added that 49 per cent of thefts that occur from inside an organisation are caused by employees abusing privileges, and that companies need to apply better data management policies to clamp down on this trend.

"Many organisations give employees too much access to certain levels of data. They should instigate more rigid controls to ensure that staff only have access to data they need, say, information from the last week or month," he said.

Companies should also look beyond simple username and password access to data, and use second factor authentication processes to prevent lost or stolen credentials being used to gain information.

Furthermore, data breaches occur most often via servers and online applications, but 87 per cent of victims had evidence of the breach on log files, yet failed to spot it.

"Many firms say it is impossible to spot a data breach in their log files, but we would suggest that if they look for anomalies in the amount of log-files, they could spot irregular patterns and find breaches this way," he said.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:
85allbehindbreachescentcrimedataoforganisedpersecurity

Partner Content

Why Genworth Australia embraced low-code software development
Promoted Content Why Genworth Australia embraced low-code software development
Accenture and Google Cloud team up to create a loveable, Australian-first, renewable energy product
Promoted Content Accenture and Google Cloud team up to create a loveable, Australian-first, renewable energy product
Security: Understanding the fundamentals of governance, risk & compliance
Promoted Content Security: Understanding the fundamentals of governance, risk & compliance
Avoiding CAPEX by making on-premise IT more cloud-like
Promoted Content Avoiding CAPEX by making on-premise IT more cloud-like

Sponsored Whitepapers

Extracting the value of data using Unified Observability
Extracting the value of data using Unified Observability
Planning before the breach: You can’t protect what you can’t see
Planning before the breach: You can’t protect what you can’t see
Beyond FTP: Securing and Managing File Transfers
Beyond FTP: Securing and Managing File Transfers
NextGen Security Operations: A Roadmap for the Future
NextGen Security Operations: A Roadmap for the Future
Video: Watch Juniper talk about its Aston Martin partnership
Video: Watch Juniper talk about its Aston Martin partnership

Events

  • Micro Focus Information Management & Governance (IM&G) Forum 2022
  • CRN Channel Meets: CyberSecurity Live Event
  • IoT Insights: Secure By Design for manufacturing
  • Cyber Security for Government Summit
  • Forrester Technology & Innovation Asia Pacific 2022
By Dan Worth
Jul 28 2010
12:47PM
0 Comments

Related Articles

  • Qld gov proposes mandatory data breach reporting for agencies
  • Law firm mulls class action over NDIS software provider data breach
  • NDIS case management system provider breached
  • 50k customers caught up in Spirit Super phishing attack
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

PayTo rollout kicks off

PayTo rollout kicks off

Australia scraps digital passenger cards for international arrivals

Australia scraps digital passenger cards for international arrivals

Neobank Volt exits the banking industry

Neobank Volt exits the banking industry

Optus brands Telstra-TPG deal 'uniquely one-sided'

Optus brands Telstra-TPG deal 'uniquely one-sided'

Digital Nation

Personalisation strategies need to be built from the ground up
Personalisation strategies need to be built from the ground up
Case Study: EY invests in AI to improve approach to flexible working
Case Study: EY invests in AI to improve approach to flexible working
Case study: AFL kicks goals with its new digital platform
Case study: AFL kicks goals with its new digital platform
Case Study: Good360 deploys NetSuite, Magento and Salesforce
Case Study: Good360 deploys NetSuite, Magento and Salesforce
Case Study: Multicloud business drivers at MLC Life Insurance
Case Study: Multicloud business drivers at MLC Life Insurance
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.