New threats, old tricks

Verizon's latest Data Breach Investigations Report finds hackers using old techniques to compromise corporate IT and steal data

Inside the Enterprise: In the IT security world, as in so much of technology, there is a fascination with the new. Identifying new and emerging threats is an obsession, and a business, for plenty of people in the industry. CIOs need to be kept abreast of any new risks their organisations might face.

Hackers, though, appear less fixed on new techniques. According to the latest Data Breach Investigations Report, compiled by Verizon, criminals are relying on phishing and hacking methods that have been around for years, if not decades.

Verizon which carries out this research annually says that 70 per cent of cyberattacks are now combined or blended attacks, using a mix of methods to overcome enterprises' defences. These include social engineering and phishing as well as hacking.

As many as 70 per cent of the attacks also use a secondary victim, making defence and attribution harder.

But Verizon is also warning that too many attacks are able to make use of vulnerabilities and exploits that could and should have been patched some time ago. Researchers found significant numbers of vulnerabilities that dated back to 2007. Even in a busy IT department, there are few excuses for leaving a vulnerability unpatched that long.

Simple errors or oversights of this type such as failing to apply patches, update security software or hardware, or to keep up employee training only serve to make cybercriminals' work easier.

It also allows hackers to exploit another trend: for malware to sit on systems, undetected, for long periods of time. So-called "advanced persistent threats" set out to be stealthy, so they can avoid the attention of security teams and extract data over an extended period of time.

Hackers are also hiding malware on organisations' networks, often using known vulnerabilities, or be activated to attack networks later, at will.

As Verizon's researchers point out, the fact that hackers are exploiting known and often old vulnerabilities means that many of the current attacks could be stopped.

The company points to some fairly measures to do this, including raising security awareness, using two-factor authentication and encryption, prompt patching and paying attention to both physical and virtual security.

Financially, this also makes sense. One interesting part of this year's Verizon DBIR is the attempt to quantify the cost of breaches.

The firm has reviewed almost 200 cyber insurance claims, and found that a breach involving the loss of 10 million records ranges between $2.1 million and $5.1 million and could even cost as much as $74 million. "We now know that it's rarely, if ever, less expensive to suffer a breach than to put the proper defence in place," said Verizon's Mike Denning.

If that's not an incentive to review security policies, then it is hard to know what is.

 Stephen Pritchard is a contributing editor at IT Pro.

Featured Resources

How virtual desktop infrastructure enables digital transformation

Challenges and benefits of VDI

Free download

The Okta digital trust index

Exploring the human edge of trust

Free download

Optimising workload placement in your hybrid cloud

Deliver increased IT agility with the cloud

Free Download

Modernise endpoint protection and leave your legacy challenges behind

The risk of keeping your legacy endpoint security tools

Download now

Recommended

Gumtree site code made personal data of users and sellers publicly accessible
data protection

Gumtree site code made personal data of users and sellers publicly accessible

16 Dec 2021
Pizza chain exposed 100,000 employees' Social Security numbers
data breaches

Pizza chain exposed 100,000 employees' Social Security numbers

19 Nov 2021
83% of critical infrastructure companies have experienced breaches in the last three years
cyber security

83% of critical infrastructure companies have experienced breaches in the last three years

11 Nov 2021
Identity Automation launches credential breach monitoring service
phishing

Identity Automation launches credential breach monitoring service

5 Oct 2021

Most Popular

How to move Microsoft's Windows 11 from a hard drive to an SSD
Microsoft Windows

How to move Microsoft's Windows 11 from a hard drive to an SSD

4 Jan 2022
Microsoft Exchange servers break thanks to 'Y2K22' bug
email delivery

Microsoft Exchange servers break thanks to 'Y2K22' bug

4 Jan 2022
Synology DiskStation DS2422+ review: A cube of great capacity
network attached storage (NAS)

Synology DiskStation DS2422+ review: A cube of great capacity

10 Jan 2022