Financial motives are behind most data breaches


Large-scale financial cybercrime and state-affiliated espionage dominated the cyber security landscape in 2012, according to a new report on data breaches, which warned that healthcare facilities should be especially vigilant around any form of data that contains financial information.

The Verizon 2013 Data Breach Investigations Report found that financially-motived cybercrime took the top spot for all breaches (75 per cent), with state-affiliated espionage campaigns claiming the number two spot (20 per cent).

The report also found that the proportion of incidents involving hacktivists – individuals who act on the basis of ideological motivations or even just for fun – held steady, but the amount of data stolen decreased, as many hacktivists shifted to other forms of attacks, such as Distributed Denial of Service (DDoS) attacks. These attacks are aimed at paralyzing or disrupting systems which also have significant costs because they impair business and operations.   

“The bottom line is that unfortunately, no organization is immune to a data breach in this day and age,” said Wade Baker, principal author of the Data Breach Investigations Report series. 

“We have the tools today to combat cybercrime, but it’s really all about selecting the right ones and using them in the right way. In other words, understand your adversary – know their motives and methods, and prepare your defenses accordingly and always keep your guard up,” Baker said.

According to Suzanne Widup, Senior Analyst with Verizon’s RISK Team, healthcare breaches tend to resemble retail breaches in that the target is commonly payment chain information.

“Wherever the payment data is going from when you first collect it all the way to the reconciliation so anywhere that you store that data it can be at risk,” she says.

“The people who are perpetrating these kinds of breaches will have one vulnerability that they know how to exploit and they’re just looking for systems that they can use this against. If your system is the same kind of system and it has the same vulnerability and you haven’t patched it then you may wind up finding yourself a target.”

She added that it is important to have tight controls over who can access your system.

“One of the things that we do see every year across the board is cases of disgruntled employees who’ve been let go and they come back and use access that hasn’t been turned off after the termination. We really want to stress to organizations that they if employees are no longer on your pay role they really should no longer be on your systems.”

data breaches, cyber security, hacktivists, The Verizon 2013 Data Breach Investigations, risk management