New threats, old tricks

Verizon's latest Data Breach Investigations Report finds hackers using old techniques to compromise corporate IT and steal data

Inside the Enterprise: In the IT security world, as in so much of technology, there is a fascination with the new. Identifying new and emerging threats is an obsession, and a business, for plenty of people in the industry. CIOs need to be kept abreast of any new risks their organisations might face.

Hackers, though, appear less fixed on new techniques. According to the latest Data Breach Investigations Report, compiled by Verizon, criminals are relying on phishing and hacking methods that have been around for years, if not decades.

Verizon which carries out this research annually says that 70 per cent of cyberattacks are now combined or blended attacks, using a mix of methods to overcome enterprises' defences. These include social engineering and phishing as well as hacking.

As many as 70 per cent of the attacks also use a secondary victim, making defence and attribution harder.

But Verizon is also warning that too many attacks are able to make use of vulnerabilities and exploits that could and should have been patched some time ago. Researchers found significant numbers of vulnerabilities that dated back to 2007. Even in a busy IT department, there are few excuses for leaving a vulnerability unpatched that long.

Simple errors or oversights of this type such as failing to apply patches, update security software or hardware, or to keep up employee training only serve to make cybercriminals' work easier.

It also allows hackers to exploit another trend: for malware to sit on systems, undetected, for long periods of time. So-called "advanced persistent threats" set out to be stealthy, so they can avoid the attention of security teams and extract data over an extended period of time.

Hackers are also hiding malware on organisations' networks, often using known vulnerabilities, or be activated to attack networks later, at will.

As Verizon's researchers point out, the fact that hackers are exploiting known and often old vulnerabilities means that many of the current attacks could be stopped.

The company points to some fairly measures to do this, including raising security awareness, using two-factor authentication and encryption, prompt patching and paying attention to both physical and virtual security.

Financially, this also makes sense. One interesting part of this year's Verizon DBIR is the attempt to quantify the cost of breaches.

The firm has reviewed almost 200 cyber insurance claims, and found that a breach involving the loss of 10 million records ranges between $2.1 million and $5.1 million and could even cost as much as $74 million. "We now know that it's rarely, if ever, less expensive to suffer a breach than to put the proper defence in place," said Verizon's Mike Denning.

If that's not an incentive to review security policies, then it is hard to know what is.

 Stephen Pritchard is a contributing editor at IT Pro.

Featured Resources

Four cyber security essentials that your board of directors wants to know

The insights to help you deliver what they need

Download now

Data: A resource much too valuable to leave unprotected

Protect your data to protect your company

Download now

Improving cyber security for remote working

13 recommendations for security from any location

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

Recommended

How to protect against a DDoS attack
Security

How to protect against a DDoS attack

17 Nov 2020
Hackers steal 8.3 million user records from 123RF
Security

Hackers steal 8.3 million user records from 123RF

13 Nov 2020
Fitness Depot notifies customers of data breach
data breaches

Fitness Depot notifies customers of data breach

8 Jun 2020
Printing company exposes 343GB of sensitive military data
data breaches

Printing company exposes 343GB of sensitive military data

20 Mar 2020

Most Popular

80% of cyber professionals say the Computer Misuse Act is working against them
Security

80% of cyber professionals say the Computer Misuse Act is working against them

20 Nov 2020
Cisco acquires container security startup Banzai Cloud
Security

Cisco acquires container security startup Banzai Cloud

18 Nov 2020
46 million Animal Jam accounts leaked after comms software breach
Security

46 million Animal Jam accounts leaked after comms software breach

13 Nov 2020