Data breaches take minutes to happen, but weeks to discover

25 Apr 2016

Orgainsations are only finding out months after an attack that their data has been breached according to Verizon

Phishing is still the No 1 cause of data breaches and hackers are getting faster at breaking in, but firms are struggling and usually only find out weeks and even months later they have been breached, according to the 2016 Verizon Data Breach Investigations Report.

According to the report, in 93pc of cases it took attackers minutes or less to compromise systems.

Meanwhile, it took companies weeks or more to discover that an incident had even occurred.

Worse, it was typically customers or law enforcement that sounded the alarm and not the organisation’s security measures.

‘A test we ran last year found that 23pc of people that opened a message went on to open the attachment. In our latest report that has increased to 30pc’

According to the report, most reasons for breaches are money-related and cyber-attackers are indiscriminate and motivated by greed rather than revenge or some crusade.

Gone phishing, gone data


Laurance Dine, managing principal in charge of investigative response with Verizon, told that phishing is still the chief method hackers use to attack organisations.

The report found that, in 2016, some 63pc of confirmed data breaches involved leveraging weak, default or stolen passwords.

39pc of breaches originate from victims’ own work areas and 34pc from employees’ work vehicles.

Some 70pc of data breaches involving insider misuse took months or years to discover.

The report also revealed that new technologies like mobile and the internet of things are providing hackers with more ways of breaching an organisation’s systems.

The industries most affected by data breaches are the public sector, healthcare and information.

Dine told that the data information was gathered from more than 67 partners worldwide and involved the analysis of 2,260 confirmed data breaches.

“There is still a serious information deficit when it comes to attacks. Attackers are getting into environments in minutes or days and it could be months and years down the line before anyone is aware of it and they usually hear it from law enforcement.

“Phishing is still the principal method of attack. A test we ran last year found that 23pc of people that opened a message went on to open the attachment. In our latest report that has increased to 30pc.”

Dine also said that data-breaching cyber-attackers are getting quite selective about the weaknesses in software that they choose to exploit to breach organisations.

“Software programmes like Adobe are getting hit immediately, the minute hackers hear of vulnerabilities, while at the other end Mozilla takes months before people start attempting to hack it. Microsoft Windows is somewhere in the middle.”

Dine said that the attackers doing the breaching make up a motley crew of hackers ranging from individuals messing to state-level cyber espionage teams.

“But if you are after the low-hanging fruit, the No 1 motivation for data breaches is still financial. Any data worth any value is a target.”

Data breach image via Shutterstock

John Kennedy is a journalist who served as editor of Silicon Republic for 17 years