Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Criminals Cast Wide Net: Verizon Reports More Numerous But Smaller Breaches: Page 2 of 2

This is the fourth Verizon Data Breach Investigations Report. The first encompassed several years of investigations. For the second straight year, the report includes investigations by the U.S. Secret Service, which is responsible for investigating financial crime. In an effort to continue to expand the pool of cases, this year's report also includes selected investigations by the Dutch National High Tech Crime Unit, which Novak says is one of the most active cyber crime investigation organizations in the world.

Another startling change was the percentage of breaches that involved external agents--92%, a 22% increase over 2009. Internal agents were responsible for 17%, a 31% decrease. (Some breaches used both internal and external agents.) The report states that these figures are more a result of a huge increase in attacks involving external agents, rather than a drop in internal techniques.

Verizon hypothesizes that the increase "reflects an ongoing industrialization process of sorts in attack methods, creating economies of scale by refining standardized, automated and highly repeatable attacks directed at smaller, vulnerable and largely homogeneous targets"

What has not changed is that almost all of these breaches were easily avoidable, a recurring theme throughout every report. The breaches did not require particularly sophisticated attacks: 97% were avoidable through simple or intermediate controls.

See more on this topic by subscribing to Network Computing Pro Reports Alert: The Long Arm of Database Security (subscription required).