Top Findings from Verizon 2015 Data Breach Investigations Report

written by Chris Griesemer

Every year Verizon comes out with its Data Breach Investigations Report. This year the report was based on 79,790 security incidents, 2,122 data breaches and 70 contributors. Go to http://www.verizonenterprise.com/DBIR/ to read the full report. Highlights of the Data Breach Investigations Report:

• $400 million is estimated to have been lost from 700 million compromised records.
• CVE stands for Common Vulnerabilities and Exposures. If you look at the details of patches applied to different software, you can find the CVE it is supposed to fix or mitigate. The report found 99% of all exploited vulnerabilities had been compromised more than a year after the CVE was published.
• Most of the attacks exploited know vulnerabilities where a patch has been available for months, often years.
• RAM scraping is a term used with credit card machines at stores. When your credit or debit card is swiped, it takes the number and encrypts it. However, there is a very small amount of time that your number is stored in RAM before it is encrypted and deleted. RAM scraping is basically copying that number, after it has been stored, before it is deleted in a millisecond of time. This type of compromise was found in most of the high profile data breaches of the year.
• In 28% of cases, it took attackers just minutes to steal data.
• In 38% of cases, it took attackers just seconds to compromise systems.
• In more than a quarter of the cases, it took days or even months for organizations to discover the breach.
• 23% of users still open phishing emails and 11% open attachments. These results are better than most marketing campaigns.

Recommendations:

• Make sure machines are patched in a timely manner. Automate the patch management process by implementing an application like GFI Languard. It controls patch management and has a vulnerability scanner that allows a business to confirm patches are being applied properly. Credit and debit cards are harder to secure because you are at the mercy of the store you use them at. Most credit card companies have anomaly software that can recognize when you purchase something out of the norm of your spending pattern. Make sure your credit card company is using this software. It is also worth checking into a company like LifeLock that protects your identity in the event your information is stolen.
• Implement a thorough awareness program for phishing. Many new techniques are being used, so it is important to keep your employees updated with the ways hackers are using phishing emails.

If you have any questions about these or any other data breaching techniques, please do not hesitate to call Chris Griesemer or Chris Podurgiel at 417-881-0145.