Cybersecurity professionals are struggling to keep up with increasingly complex attacks, while also fending off a barrage of classic data breaches, according to the annual Verizon Data Breach Investigations Report.
Researchers for the report analyzed more than 2,100 confirmed data breaches that occurred during 2014, and nearly 80,000 security incidents in 61 countries. The report includes contributions from forensic firms, service providers, government agencies and international Computer Security Information Response Teams (CSIRT).
The majority of attacks (70 percent) are intended to reach secondary victims, according to the report, which cites instances of websites being hacked with the intention of compromising visitors with malware — software designed to damage or disable computers. The report found that most attacks are executed using age-old phishing and hacking strategies.
This year's report emphasized the “detection deficit”, the time between when a breach first occurs and its discovery by the victim. In 60 percent of breaches, attackers are able to compromise organizational data within minutes, according the report.
Nearly 75 percent of attacks spread to secondary victims within 24 hours.
The report also reiterated last year's findings that nine basic threat patterns compromise the vast majority of data breaches: crimeware/malware, insider/privilege misuse, physical theft/loss, Web app attacks, denial-of-service attacks, cyberespionage, point-of-sale intrusions, payment card skimmers and miscellaneous errors.
See The Crime Report's coverage of last year's report, for more on the nine basic threat patterns, linked HERE.
To read this year's full report, click HERE.