Cyber threats increasing in sophistication yet still rely on ‘decades-old techniques’

Practically every significant computer security breach at government agencies, large companies and other organisations can be traced to nine basic attack patterns according to Verizon’s latest annual Data Breach Investigations Report.

Apr 29, 2015
By Paul Jacques
Andy Prophet with PCC Jonathan Ash-Edwards

Practically every significant computer security breach at government agencies, large companies and other organisations can be traced to nine basic attack patterns according to Verizon’s latest annual Data Breach Investigations Report.

These nine threat patterns – miscellaneous errors, such as sending an email to the wrong person; crimeware (various malware aimed at gaining control of systems); insider/privilege misuse; physical theft/loss; web app attacks; denial-of-service attacks, cyber espionage; point-of-sale intrusions and payment card skimmers – were used in 96 per cent of the almost 80,000 security incidents analysed in this year’s report.

Yet despite cyber attacks becoming increasingly sophisticated, the report says many criminals still rely on decades-old techniques such as phishing and hacking.

The bulk of the cyber attacks (70 per cent) used a combination of these techniques and involve a secondary victim, adding complexity to a breach.

Another troubling area singled out in this year’s report is that many existing vulnerabilities remain open, primarily because security patches that have long been available were never implemented. In fact, many of the vulnerabilities can be traced to 2007 — a gap of almost eight years.

Last month, as part of a UK-wide week of coordinated action against cybercrime led by the National Crime Agency (NCA), around 60 businesses were visited with customised security data reports, identifying 5,531 compromises on servers within the UK. The compromises could be used to send out spam email, launch attacks against websites or servers, or install phishing websites to gain access to sensitive information.

The NCA estimates that organisations acting on this advice could, between them, clean up to half of the phishing attacks that typically originate from the UK each month.

The data was provided by CERT-UK (the UK’s Computer Emergency Response Team) and the Shadowserver Foundation, which uses volunteer security professionals to gather intelligence on the ‘dark side’ of the internet.

The work is part of the NCA and police’s wider ongoing programme of engagement with industry partners, including ISPs (internet service providers), banks and security firms to collaboratively tackle crime threats to the UK and help facilitate the clean-up of the UK’s internet infrastructure.

Andy Archibald, deputy director of the NCA’s National Cyber Crime Unit, said: “Awareness of the type of cybercrime dangers which are out there is vital, as is collaboration between organisations across different sectors, regions and countries to develop the most effective ways of combating those threats.”

As in previous Verizon reports, this year’s findings again pointed out what researchers call the “detection deficit” — the time that elapses between a breach occurring until it is discovered. In 60 per cent of breaches, attackers are able to compromise an organisation within minutes, yet the report points out that many cyber attacks could be prevented through a more vigilant approach to cyber security.

Mike Denning, vice-president of global security for Verizon Enterprise Solutions, said: “While there is no guarantee against being breached, organisations can greatly manage their risk by becoming more vigilant in covering their bases. This continues to be a main theme, based on more than ten years of data from our Data Breach Investigations Report series.”

This year’s report includes a first-time overview of mobile security, internet of things technologies and the financial impact of a breach and shows that, in general, mobile threats are overblown with the number of exploited security vulnerabilities across all mobile platforms negligible.

Clinton Karr, senior security strategist at enterprise security specialist Bromium, said the report demonstrates that five sectors are being attacked more than any other: public sector, finance, technology, manufacturing and retail.

“Logically, cyber attacks are following the money,” he explained. “Retail and finance hold valuable bank accou

Related News

Select Vacancies

Deputy Chief Constable

Essex Police

Inspectors on Promotion to Chief Inspector

Greater Manchester Police

Police Sergeant Transferee

Merseyside Police

Copyright © 2024 Police Professional