To protect against hacks, security researchers need to peer into the wily minds of cybercriminals and glimpse the ever-changing motivations and techniques they use to go where they’re not invited. So every year, Verizon (VZ) surveys law enforcement, private security firms, and other technology organizations about hacks they have tracked at companies, the government, and other groups. This year’s report grew to include 50 organizations disclosing a collective 63,000 “security incidents” and 1,367 actual data breaches. All told, they show how the hacks that get the most attention aren’t necessarily a harbinger of what’s on the horizon.
The epic hack of Target (TGT), the biggest retail breach in U.S. history, involved an attack at what’s called the “Point of Sale,” (POS) the device customers use to swipe their cards when they check out at a store. While the Target breach has dominated recent discussions, Verizon said point-of-sale attacks are old news. “At the risk of getting all security-hipster on you—we’ve been talking about this for years,” Verizon wrote. It said that because the breaches got so much attention, they’re generally far less frequent than they were just two years ago. Instead, there’s growth in attacks on websites, the “proverbial punching bag of the Internet.”
Verizon said about two-thirds of the 1,126 Web app attacks it studied were motivated by “ideology/fun” and use compromised servers for two ends: “defacements to send a message or hijacking the server to attack … other victims.” Most of the remaining third of Web app attacks are by hackers on the hunt for money. These assailants, largely based in Eastern Europe, use relatively simple methods when they break into banks, including tricking users to give up passwords or “the old stand-by of brute force password guessing,” according to the report. When they attack retailers, they tend to exploit security flaws in their websites.
Spying is also on the rise. More than half of documented espionage attacks were against U.S. targets, and 87 percent were perpetrated by state-affiliated actors. While many appeared to originate in China, more than a fifth of the espionage attacks in Verizon’s dataset came form Eastern Europe.
So how is the security industry doing in tracking these and other hacks? Verizon prescribes “a deep, calming breath before diving into this last one.”
The red line shows that hackers have gotten faster at breaking in doing their deeds, while the blue line shows defenders aren’t keeping up. “This doesn’t scale well, people,” Verizon warned. As Bloomberg Businessweek’s recent cover story on the Target hack showed, discovering a breach is just part of the battle. What companies do with that intel is no less a question.