Disaster-Resource.com

Security Breaches Aren’t Discovered For Months, Study Says
A new study says it takes most public and private sector organizations as much as a few weeks or months to discover that their networks have been breached by outside forces. What’s even worse is that most of the time, a third party is the one who discovers the breach.

In an article on the Government Technology website, Hilton Collins says the report by the Verizon Business Risk Team also found that nine out of 10 of these breaches could have been prevented had the agencies implemented common security protocols.

The 2008 Data Breach Investigations Report, Collins says, compiles data from more than 500 forensic cases handled by the Verizon Business Response Team from 2004 to 2007. The average number of records per breach was approximately 1.2 million.

According to Collins, the report contains some “eye-opening findings about the nature of breaches and who’s behind them,” including:

  • It was months before 63 percent of infiltrated organizations knew they had been compromised, weeks for 18 percent, days for 14 percent, hours for three percent and years for two percent. In 64 percent of cases, it only took hours or days to compromise systems after the first point of entry.
  • Seventy-three percent of data breaches came from external sources, 18 percent were caused by insiders, 39 percent implicated business partners and 30 percent involved multiple parties.
  • Some form of error — in 62 percent of cases — either directly or indirectly contributed to a breach, 59 percent resulted from hacking intrusions and 31 percent incorporated malicious code.
  • Sixty-six percent of breaches involved data that the victim organizations didn't know existed, 75 percent of breaches were discovered by a third party and not someone in the victimized organization, 85 percent of breaches were opportunistic attacks and 87 percent were considered avoidable through reasonable controls.
  • When hacking occurred, 39 percent of attacks targeted the application/service layer, 23 percent targeted the operating system/platform layer, 18 percent exploited a known vulnerability, five percent exploited unknown vulnerabilities and 15 percent of hacking breaches showed evidence of re-entry via backdoors.

To read the full article, click here: http://www.govtech.com/gt/articles/416364