Verizon report: 9 patterns of data breach attacks

Kelly Hill

10 years ago

Verizon’s annual examination of data breaches around the world found that most of the 100,000 security incidents over the past 10 years fall into one

Source: Verizon 2014 Data Breach Investigations Report

of nine patterns — and that governmental or corporate espionage is increasingly driving attacks, with financial-based attacks on the decrease.

This is the seventh year that Verizon has published the examination of suspected and actual data breaches, and each year the company has been able to add more data sources, according to Marc Spitler, senior analyst and co-author of the Data Breach Investigations Report (DBIR).

“This report looks a lot different than its predecessors,” said Spitler, adding that having 50 contributors to the underlying data for the report substantially broadened its perspective.

The report analyzes more than 1,300 confirmed data breaches and more than 63,000 reported security incidents. Over the 10 years of data that Verizon is now including, there are about 100,000 incidents and more than 3,800 confirmed data breaches.

Subscribe now to get the daily newsletter from RCR Wireless News

Verizon researchers looked back over data from the past decade this year, and were able to conclude that 92% of the security incidents fell into nine basic attack patterns, which vary from industry to industry.

“We thought that was very interesting, and very valuable,” Spitler said. “We want this to be actionable.”

Mobile has not been a significant contributor to overall network intrusions, Spitler said. He added that mobile security risks typically come in the form of attempting to get a foothold to internal networks via malware, or by stealing credentials from mobile devices to be used in penetrating wired connections.

The graph at right shows the distribution of types of attacks over various verticals. The nine patterns that Verizon identified include:

miscellaneous errors such as sending an email to the wrong person
crimeware (malware designed to gain control of systems)
insider misuse or privilege misuse
physical loss or theft
Web app attacks
denial of service attacks
cyber-espionage
point of sale intrusions
payment card skimmers

According to the report data, the mining and manufacturing industries are particularly prone to cyber-espionage attacks. Overall, cyber-espionage saw a more than three-fold increase from the 2013 report, with 511 incidents. This was partly due to a larger data set, Verizon noted. China was the primary source of those attacks, but Eastern Europe accounted for more than 20%.

Spitler noted that although point-of-sale attacks have been garnering significant press in the wake of the holiday shopping season, those type of attacks aren’t on the cutting edge of network intrusions and have actually fallen in their contribution to the overall number of attacks. However, POS intrusions still make up the majority of attacks in the accommodation industry, which Verizon categorized as lodging and restaurants: nearly 75% of the attacks in that vertical were POS, which denial of service and insider misuse trailing far behind.