18 common data breach scenarios

17
Mar
2016
Data Breach, Hacker, Information Management, IT, IT Security, Data Center, Verizon, Atlanta, Jacksonville, Dothan, Tallahassee, Thomasville, Albany, Tifton, Valdosta
300 Views

 

Verizon has just released their annual Data Breach Digest, outlining the themes that came out of their investigation of 500 cases pertaining to cyber security. All of these breaches were broken down into 18 common scenarios, clustered into four groups. I’ve outlined them below to give you a teaser of the 84 page document.

  1. The human element—five scenarios highlighting human threats or targets (48% of breaches)
    1. Social Engineering (16% of breaches)
      1. This is generally used for cyber espionage by organized crime or a government such as China, Argentina, North Korea, and Russia
    2. Financial Pretexting (7% of breaches)
      1. This is generally used for financial gain by organized crime
    3. Digital Extortion (9% of breaches)
      1. This is generally used for financial gain by organized crime using ransomware on an organization’s server
    4. Insider Threat (12% of breaches)
      1. This is generally used by employees with access to money or financial transactions with a grudge.
    5. Partner Misuse (4% of breaches)
      1. This is generally when a principal takes advantage of partners
  2. Conduit devices—five scenarios covering device misuse or tampering (65% of breaches).
    1. USB Infection (4% of breaches)
      1. This is generally associated with state and organized crime, used for corporate espionage and financial gain
    2. Peripheral Tampering (1% of breaches)
      1. Organized crime in Eastern Europe, Brazil, and the US are typically associated with the payment card skimmer breach
    3. Hactivist Attack (3% of breaches)
      1. Groups like Anonymous target organizations they have differences with to shut down or deface their websites and interrupt their ability to operate
    4. Rogue Connection (4% of breaches)
      1. Organized crime uses phishing, spyware, and key logger software to steal financial information.
    5. Logic Switch (53% of breaches)
      1. State and organized crime use SQL injection and stolen credentials to manipulate account balances, create non existent funds, bypass security, and cash out quickly.
  3. Configuration exploitation—four scenarios focusing on reconfigured ormisconfigured settings (100% of breaches – some use multiple methods simultaneously).
    1. SQL Injection (11% of breaches)
      1. These attacks abuse an application’s interaction with its backend database. They frequently target web applications.
    2. Content Management System (CMS) Compromise (46% of breaches)
      1. CMS vulnerabilities are used to install backdoor software the attacker can come back to later to access the data or use the system.
    3. Backdoor Access (51% of breaches)
      1. Once a backdoor has been created in an application, the infiltrator can push further into the organization’s systems and install other malware to capture keystrokes, escalate privileges, compromise accounts and export data.
    4. Domain Name System (DNS) Tunneling (1% of breaches)
      1. This involves creating an unintended communication channel to a C2 server to exfiltrate data. Networks with particularly tough security protocols are typically the target of these attacks.
  4. Malicious software—four scenarios centering on sophisticated orspecial-purpose illicit software (86% of breaches).
    1. Data Ransomware (4% of breaches)
      1. This malware is used to prevent users from accessing data until they pay a ransom to have it unlocked. Organized crime are the typical perpetrators.
    2. Sophisticated Malware (32% of breaches)
      1. Antivirus software is rendered ineffective because this utilizes custom-written, special purpose malware. This generally occurs in targeted attacks.
    3. RAMscraping (8% of breaches)
      1. Organized crime uses customized tools for identifying and exporting specific data, generally financial.
    4. Credential Theft (42% of breaches)
      1. These spyware/keylogger attacks involve unauthorized software or hardware used to gain access to protected elements of an organization’s IT infrastructure and are used for financial gain and espionage.

 

LEAVE A COMMENT

Our Latest Consulting Insights

Why are Rural Healthcare Providers Under Such Tremendous Pressure?

Despite challenging environment, rural hospitals remain the lifeblood of many communities A love letter to rural hospitals  Rural hospitals provide more than just healthcare to their patients, they provide jobs, economic boosters, recruiting panache for local companies, and an overall sense of belonging in the […]

Read More

Learn which shredding container best suits your business

Do you have the right shredding container for your business? How many times have you walked through an office and inadvertently seen some sensitive information laying on a desk or noticed an associate piling papers in an unsecured cardboard box under their desk? We get […]

Read More

Video: Should my business scan all its records?

Answers with Anna: Should my business scan all its records? Welcome to our new video series, Answers with Anna! Featuring SRS Solutions Creator Anna Ligon, Answers with Anna answers some of the most frequently asked questions we receive. In our first installment, we tackle the question, […]

Read More

Consider Purge and Regular Shred Services for your New Year

Have you made your company’s New Year’s Resolution?  If you’re still thinking about a New Year’s Resolutions for your company, we’ve got a suggestion. Get rid of months’ – or even years’ – worth of old paper by utilizing our one-time shred purge services. Purge […]

Read More

Happy Holidays from Secure Records Solutions

The holiday season is in full swing; it is a time to celebrate and enjoy with family and friends. Before the hustle and bustle of the season gets into full swing, I always like to reflect upon the previous year. It’s been a year full […]

Read More

What’s next in the rural healthcare crisis

Imagine having to drive hours to the nearest hospital to deliver a baby or while experiencing chest pains. For those in rural areas across the country (which, according to the American Hospital Association, is nearly 20 percent of the population), this is a reality. In our […]

Read More

Tifton CEO: Secure Records Solutions Merges with ShredEZ

Tifton CEO recently shared a media release regarding Secure Records Solutions’ merger with ShredEZ out of Adel, Georgia: Tifton CEO reports that Secure Records Solutions (SRS) is a family owned and operated document management company headquartered in Thomasville, Georgia. The merger with ShredEZ, the first […]

Read More

Does your business violate the FACTA disposal rule?

The FACTA Disposal Rule is designed to prevent the unauthorized access to – or use of – information in a consumer report. Is your business compliant? When people think of business regulation, the Securities and Exchange Commission or HIPAA may come to mind first. But […]

Read More

EMR, Electronic Medical Record, EHR, Electronic Health Record, HIPAA, Scanning Medical Records, Thomasville, Tallahassee, Albany, Valdosta, Tifton, Dothan, Jacksonville, Atlanta, AHIMA, GHIMA, FHIMA

HomeTown Health 2019 Executive Leadership Program

Christopher P. Jones, Secure Records Solutions Partner, among 12 HomeTown Health Graduates of 2019 Executive Leadership Program Twelve individuals from Georgia rural hospitals and supporting organizations graduated from the HomeTown Health 2019 Executive Leadership Program. This group of individuals was recognized at the graduation and […]

Read More

How To Solve Your Office’s Space Issue

Does your office have a space issue? Hint: It’s actually a management issue! Recently, a potential client called me up and said they needed SRS to help them immediately. It was urgent – the practice’s office was literally running out of room. We, of course, […]

Read More