The growth in the number of devices connected to the Internet of Things (IoT) has set the stage for malicious actors to come after high-value information on a global scale, according to findings from Verizon’s latest look at data breaches.
The 2016 Data Breach Investigations Report outlines some troubling trends that haven’t necessarily evolved, but have certainly gotten more dangerous to our tech-centric way of life.
By studying the patterns and tactics used to inflict damage in the cyber-realm across myriad industries, Jonathan Nguyen-Guy, CIO of Global Security Solutions with Verizon Enterprise Solutions, said researchers have been able to effectively reconstruct the hacker “playbook” and what is happening in “the wild.”
This year’s report — the ninth such study by Verizon — is based on more than 100,000 incidents and 3,141 confirmed data breaches. Of this larger data set, analysts evaluated more than 64,000 incidents and 2,260 breaches.
All told, the lengthy analysis and research from partners around the world show the vast majority of attacks falling within nine common attack vectors.
“What we’ve found is that over 90 percent of those data breaches could be categorized into one of nine incident patterns, and that these patterns are pretty consistent and have been over the last 11 years,” he told Government Technology. “When we look at this year’s report, there are three key themes that come across, and the first one is that it is really about economics.”
These vectors include things like stolen credentials or equipment, denial of service, malware and phishing attacks.
“The heart of that is the statement that crime pays," Nguyen-Guy said, "and cybercrime pays and it pays very well."
The harsh reality of modern IT is that a brief, 30-minute window inside a compromised network is enough to cause tens of millions of dollars in damages, as occurred in the Saudi Aramco breach in 2012.
In this case, a malicious email corrupted systems, caused damage or destruction to a reported 35,000 computers, and triggered substantial operational setbacks, according to a CNN Money report.
“The interval between the detonation of malware or when someone launches an attack to when damage is done to a network, when devices are destroyed, when memory is erased and things are irreparably damaged is shortening with every passing year,” Nguyen-Guy said.
According to the CIO, it isn’t that attacks have become more sophisticated, it’s more that hackers haven’t needed to change their approach and continue to use proven tactics that get them entry into sensitive networks and systems.
“What we’re seeing is that the attackers are not really developing new methodologies of attack," Nguyen-Guy said. "They are refining very time-tested and proven methodologies, and they are readily successful."
Another problem faced by both the public and private sector is the ever-expanding number of devices in the workplace. From smartphones to fitness trackers and iPads, the challenge of mitigating the ramifications of a possible breach caused by these connected electronics is something many IT departments may think they understand, but don’t.
While there is no shortage of suggestions as to how to best insulate networks from unauthorized access, Nguyen-Guy points to basic actions as being the most effective defenses.
Tactics like requiring multi-factor identification, training employees to recognize a potentially harmful email and knowing the capabilities and vulnerabilitis of your networks, can go a long way to stop data breaches. But until the larger profit machine for ill-gotten data is slowed, hackers aren't likely to stop on their own.
“Until we disrupt the dynamics in the threat environment and the marketplace," he said, "we’re not going to see a fundamental improvement in cybersecurity, whether that’s commercial or public sector."