Online attacks are on the wane, but that's because cybercrooks are opting for smarter, more targeted approaches to getting at corporate data.
Verizon and the U.S. Secret Service
It appears that cybercrooks are better targeting their efforts. According to the Verizon report, the seeming contradiction between the low data loss and the high number of breaches likely stems from a significant decline in large-scale breaches, caused by a change in tactics by cybercriminals.
“They are engaging in small, opportunistic attacks rather than large-scale, difficult attacks and are using relatively unsophisticated methods to successfully penetrate organizations,” the report says. “For example, only 3% of breaches were considered unavoidable without extremely difficult or expensive corrective action.”
This conclusion matches those of IBM's latest “X-Force 2010 Trend and Risk Report,” which suggests that spam and phishing attacks are leveling off. Also, mobile devices have not been compromised in any big way, yet. The bad news is that IT security threats are getting increasingly sophisticated and targeted.
Based on intelligence gathered through research of public vulnerability disclosures, and the monitoring and analysis of more than 150,000 security events per second during every day of 2010, the observations from the
There were significantly fewer mass phishing attacks relative to previous years, but there has been a rise in more targeted attack techniques. “Spear phishing,” a more targeted attack technique, grew in importance in 2010, as meticulously crafted e-mails with malicious attachments or links became one of the hallmarks of sophisticated attacks launched against enterprise networks. 2010 saw some of the most high-profile, targeted attacks that the industry has ever witnessed.
Verizon and the US Secret Service make the following recommendations for enterprises to keep data secure:
•
•
•
•
•
Joe McKendrick is an author, consultant, blogger and frequent INN contributor specializing in information technology.
Readers are encouraged to respond to Joe using the “Add Your Comments” box below. He can also be reached at
This blog was exclusively written for Insurance Networking News. It may not be reposted or reused without permission from Insurance Networking News.
The opinions of bloggers on