Reading the Verizon Data Breach Investigation Report 2014

Verizon Data Breach Investigation Report 2014, to better understand how attackers can affect company business, and learn the proper countermeasures.

Verizon firm provided the first data related to its annual report titled Verizon’s 2014 Data Breach Investigations Report (DBIR). The document reports specific sections around common incident patterns covering the bad actors, the techniques used, targets hit, timelines of the attacks and specific recommendations to mitigate the threat.

The experts observed that the majority of incidents could be placed into one of nine principal patterns, discovering a correlation between them and various industries.

The data for Verizon’s 2014 Data Breach Investigations Report (DBIR) were collected with the participation of 50 global companies contributing, 1,367 confirmed data breaches and 63,437 security incidents in representing of 95 countries. The last year was characterized by an impressive number of incidents which involved Payment systems, 2013 may be remembered as the “year of the retailer breach,” an year in which offensives mutated from geopolitical attacks to large-scale attacks on payment card systems. The report identified the following principal motives for bad actors responsible of data breaches

As shown in the graph the cyber espionage is in constant increase while a flection has been observed for Financial motivation, but I believe it is just a temporary phenomenon.

The industries that most of all were victims of cyber espionage attacks from other countries are utilities, manufacturing, and mining. In the below table are reported for each industry the percentage of incidents related to the various attack category. For example, in Accommodation industry the 75% of the attacks is related to POS Intrusion.

The report continues to provide detailed data for each attack method, including recommendations to limit the exposure to the cyber threats. Referring the Web attacks the Verizon data breach reports that the primary causes are the exploitation of weaknesses in the application and the exploitation of stolen credentials to impersonate a valid user.

A significant number of attacks targeted popular content management systems (e.g., Joomla!, WordPress, or Drupal) to gain control of servers for use in DDoS campaigns. Security experts at Verizon recommended the following controls to mitigate the threats:

Don’t use single-factor password authentication on anything that faces the Internet;
Set up automatic patches for any content management system such as Drupal and WordPress;
Fix vulnerabilities right away before the bad guys find them;
Enforce lockout policies;
Monitor outbound connections.

The report is full of interesting information on data breach … it’s a must read!

Pierluigi Paganini

(Security Affairs – Verizon’s 2014 Data Breach Investigations Report, Security)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.