https://urgentcomm.com/wp-content/themes/ucm_child/assets/images/logo/footer-logo.png
  • Home
  • News
  • Multimedia
    • Back
    • Multimedia
    • Video
    • Podcasts
    • Galleries
  • Commentary
    • Back
    • Commentary
    • Urgent Matters
    • View From The Top
    • All Things IWCE
    • Legal Matters
  • Resources
    • Back
    • Resources
    • Events
    • Webinars
    • White Papers
    • Reprints & Reuse
  • IWCE
    • Back
    • IWCE
    • Conference
    • Special Events
    • Exhibitor Listings
    • Premier Partners
    • Floor Plan
    • Exhibiting Information
    • Register for IWCE
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Terms of Service
    • Privacy Statement
    • Cookies Policy
  • Related Sites
    • Back
    • American City & County
    • IWCE
    • Light Reading
    • IOT World Today
    • Mission Critical Technologies
    • Microwave/RF
    • T&D World
    • TU-Auto
  • In the field
    • Back
    • In the field
    • Broadband Push-to-X
    • Internet of Things
    • Project 25
    • Public-Safety Broadband/FirstNet
    • Virtual/Augmented Reality
    • Land Mobile Radio
    • Long Term Evolution (LTE)
    • Applications
    • Drones/Robots
    • IoT/Smart X
    • Software
    • Subscriber Devices
    • Video
  • Call Center/Command
    • Back
    • Call Center/Command
    • Artificial Intelligence
    • NG911
    • Alerting Systems
    • Analytics
    • Dispatch/Call-taking
    • Incident Command/Situational Awareness
    • Tracking, Monitoring & Control
  • Network Tech
    • Back
    • Network Tech
    • Interoperability
    • LMR 100
    • LMR 200
    • Backhaul
    • Deployables
    • Power
    • Tower & Site
    • Wireless Networks
    • Coverage/Interference
    • Security
    • System Design
    • System Installation
    • System Operation
    • Test & Measurement
  • Operations
    • Back
    • Operations
    • Critical Infrastructure
    • Enterprise
    • Federal Government/Military
    • Public Safety
    • State & Local Government
    • Training
  • Regulations
    • Back
    • Regulations
    • Narrowbanding
    • T-Band
    • Rebanding
    • TV White Spaces
    • None
    • Funding
    • Policy
    • Regional Coordination
    • Standards
  • Organizations
    • Back
    • Organizations
    • AASHTO
    • APCO
    • DHS
    • DMR Association
    • ETA
    • EWA
    • FCC
    • IWCE
    • NASEMSO
    • NATE
    • NXDN Forum
    • NENA
    • NIST/PSCR
    • NPSTC
    • NTIA/FirstNet
    • P25 TIG
    • TETRA + CCA
    • UTC
Urgent Communications
  • NEWSLETTER
  • Home
  • News
  • Multimedia
    • Back
    • Video
    • Podcasts
    • Galleries
  • Commentary
    • Back
    • All Things IWCE
    • Urgent Matters
    • View From The Top
    • Legal Matters
  • Resources
    • Back
    • Events
    • Webinars
    • White Papers
    • Reprints & Reuse
    • UC eZines
    • Sponsored content
  • IWCE
    • Back
    • Conference
    • WHY ATTEND
    • Exhibitor Listings
    • Floor Plan
    • Exhibiting Information
    • Registration Opens April 2019-Join Our Mailing List
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Terms of Service
    • Privacy Statement
    • Cookies Policy
  • Related Sites
    • Back
    • American City & County
    • IWCE
    • Light Reading
    • IOT World Today
    • TU-Auto
  • newsletter
  • In the field
    • Back
    • Internet of Things
    • Broadband Push-to-X
    • Project 25
    • Public-Safety Broadband/FirstNet
    • Virtual/Augmented Reality
    • Land Mobile Radio
    • Long Term Evolution (LTE)
    • Applications
    • Drones/Robots
    • IoT/Smart X
    • Software
    • Subscriber Devices
    • Video
  • Call Center/Command
    • Back
    • Artificial Intelligence
    • NG911
    • Alerting Systems
    • Analytics
    • Dispatch/Call-taking
    • Incident Command/Situational Awareness
    • Tracking, Monitoring & Control
  • Network Tech
    • Back
    • Cybersecurity
    • Interoperability
    • LMR 100
    • LMR 200
    • Backhaul
    • Deployables
    • Power
    • Tower & Site
    • Wireless Networks
    • Coverage/Interference
    • Security
    • System Design
    • System Installation
    • System Operation
    • Test & Measurement
  • Operations
    • Back
    • Critical Infrastructure
    • Enterprise
    • Federal Government/Military
    • Public Safety
    • State & Local Government
    • Training
  • Regulations
    • Back
    • Narrowbanding
    • T-Band
    • Rebanding
    • TV White Spaces
    • None
    • Funding
    • Policy
    • Regional Coordination
    • Standards
  • Organizations
    • Back
    • AASHTO
    • APCO
    • DHS
    • DMR Association
    • ETA
    • EWA
    • FCC
    • IWCE
    • NASEMSO
    • NATE
    • NXDN Forum
    • NENA
    • NIST/PSCR
    • NPSTC
    • NTIA/FirstNet
    • P25 TIG
    • TETRA + CCA
    • UTC
acc.com

Cybersecurity


Article

Verizon: More than half of data breaches are from hackers

Verizon: More than half of data breaches are from hackers

Verizon today issued its 2013 data-breach report, which is based on the analysis of 47,000 reported security incidents and 621 confirmed data breaches suffered last year. The report indicates that hackers are responsible for more than half of all data breaches.
  • Written by Donny Jackson
  • 23rd April 2013

Verizon today issued its 2013 Data Breach Investigations Report—the sixth such report published by the company—which is based on the analysis of 47,000 reported security incidents and 621 confirmed data breaches suffered last year. Eighteen organizations contributed incident data for analysis using VERIS—Vocabulary for Event Reporting and Incident Sharing—a common language developed by Verizon for describing security incidents. 

The report indicates that hacking was a factor in 52% of the incidents that were studied, with malware accounting for 40% of the data breaches. Interestingly, hacking and malware accounted for 72% and 54%, respectively, of the data breaches experienced by small businesses, but only 40% and 36%, respectively, in large businesses.

The reason is fairly simple, said Marc Spitler, senior analyst with Verizon’s RISK (research, investigations, solutions, knowledge) team.

“Large corporations are doing, and have done, a better job of protecting their Internet-facing assets,” Spitler said. “They have limited the number of assets that are open to the Internet; they’ve done a good job of establishing a business need for each device that’s open to the Internet and each service or port that’s open to the Internet. They’ve done a good job of tightening that down.”

That’s clearly not the case with small and medium-sized businesses, Spitler said.

“It’s still a matter of not securing devices that are connected to the Internet properly,” he said. “That goes to … not having a firewall that does basic port blocking, allowing only the people who need access to certain things in and not allowing others … That’s one of the biggest weaknesses we see in small and medium-sized businesses.”

Indeed, the report indicates that 76% of network intrusions exploited weak or stolen credentials (user names and/or passwords).

A lack of money for such protections isn’t the problem, according to Spitler.

“The controls that would need to be put in place to protect the small and medium businesses … would be nominal, and—in some cases—there would not be any additional hardware or technology costs.” said Spitler, whose company has a business unit, dubbed Verizon Enterprise solutions, that provides managed security and security consulting services.

“[The problem] is that they don’t have an information-technology staff, and they certainly don’t have an information-security staff,” he continued. “They’re relying on things that are being set up by vendors and third parties, and there might be an assumption that a password would be changed, and it’s not. I don’t necessarily know where the blame lies in that relationship, but that’s the situation that they’re in.”

The report further indicates that 71% of the data breaches were driven by financial motives, which would explain why 61% of them targeted financial institutions, retailers or restaurants, in search of bank-account, credit-card and debit-card information. But Spitler said government entities shouldn’t rest easy, because they also have sensitive data in their possession—for example, social-security numbers—plus they accept credit cards and debit cards as payment for various services.

And then there’s the activist factor. When activist groups get riled, denial-of-service attacks on government networks often follow.

“We certainly saw a lot less [activism] this year in our data set, but they might just be switching tactics,” Spitler said. “They’re still out there. We just haven’t seen the very splashy data breaches—the multi-million-record-loss incidents that we saw [in 2011]. Last year was sort of a one-year wonder.”

The good news is that hackers tend to go after low-hanging fruit, and government agencies typically have robust data-security protections in place. The analogy is that of a burglar, who wants to find the easiest, least risky way into a home. As is the case with many home homeowners, businesses often leave the doors and windows to their data unlocked.

“There’s no need for them to rappel through the chimney, if they can walk through the front door,” Spitler said. “And the financially motivated hackers, especially, are going to think the exact same way. They’re not going to try to find a new vulnerability in an operating system, or create [a new method of attack], when they can either find an easy way in or use a commoditized malware to do their work for them.” 

Tags: Data Network Network Management Software Security Cybersecurity Enterprise Security Software State & Local Government Tracking, Monitoring & Control Article

Related


  • Verizon today issued its 2013 data-breach report, which is based on the analysis of 47,000 reported security incidents and 621 confirmed data breaches suffered last year. The report indicates that hackers are responsible for more than half of all data breaches.
  • Verizon today issued its 2013 data-breach report, which is based on the analysis of 47,000 reported security incidents and 621 confirmed data breaches suffered last year. The report indicates that hackers are responsible for more than half of all data breaches.
  • Verizon today issued its 2013 data-breach report, which is based on the analysis of 47,000 reported security incidents and 621 confirmed data breaches suffered last year. The report indicates that hackers are responsible for more than half of all data breaches.
  • Verizon today issued its 2013 data-breach report, which is based on the analysis of 47,000 reported security incidents and 621 confirmed data breaches suffered last year. The report indicates that hackers are responsible for more than half of all data breaches.

Leave a comment Cancel reply

To leave a comment login with your Urgent Comms account:

Log in with your Urgent Comms account

Or alternatively provide your name, email address below:

Your email address will not be published. Required fields are marked *

Related Content

  • Dependency problems increase for open-source components
  • How smart environments will take shape post-COVID-19
  • RootMetrics 5G report puts AT&T in first place
  • Newscan: Cincinnati to pay $6 million to settle suit in death of Kyle Plush who called 911

Commentary


Unlocking the power of ESInets: Different NG911 provisioning approaches exist; level of control is key differentiator

7th April 2021

Ransomware? Let’s call it what it really is: extortionware

21st February 2021

Redefining communications for today’s mobile workforces

18th February 2021
view all

Events


UC Ezines


IWCE 2019 Wrap Up

13th May 2019
view all

Twitter


UrgentComm

Attackers compromised code-checking vendor’s tool for two months dlvr.it/Ry7c0F

21st April 2021
UrgentComm

Will the feds set our broadband Internet prices? dlvr.it/Ry7bx0

21st April 2021
UrgentComm

Newscan: Chinese hackers compromise dozens of government agencies, defense contractors dlvr.it/Ry7MYD

21st April 2021
UrgentComm

Florida secures radio-system revenue for five years, agencies await clarity on statewide LMR dlvr.it/Ry4Wb8

20th April 2021
UrgentComm

The IoT security challenge for enterprises dlvr.it/Ry4WYd

20th April 2021
UrgentComm

Clearing a path to multicloud as the new foundation for digital government dlvr.it/Ry0blK

19th April 2021
UrgentComm

📣 Registration is Officially Open for #IWCE2021! 📣 It's been more than two years, but IWCE is finally headed back t… twitter.com/i/web/status/1…

19th April 2021
UrgentComm

Public Safety Technology Alliance (PSTA) to shut down dlvr.it/RxpbTh

16th April 2021

Newsletter

Sign up for UrgentComm’s newsletters to receive regular news and information updates about Communications and Technology.

Expert Commentary

Learn from experts about the latest technology in automation, machine-learning, big data and cybersecurity.

Business Media

Find the latest videos and media from the market leaders.

Media Kit and Advertising

Want to reach our digital and print audiences? Learn more here.

DISCOVER MORE FROM INFORMA TECH

  • American City & County
  • IWCE
  • Light Reading
  • IOT World Today
  • Mission Critical Technologies
  • Microwave/RF
  • T&D World
  • TU-Auto

WORKING WITH US

  • About Us
  • Contact Us
  • Events
  • Careers

FOLLOW Urgent Comms ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookies Policy
  • Terms
Copyright © 2021 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X