Cyber-criminals stole more information in 2008 than in the
previous four years combined, according to a study published
today.
Most attacks (93%) targeted the
financial sector and 90% were carried out by
organised criminal groups, the
Verizon Business 2009 Data Breach Study found.
An estimated 285 million records were compromised in 90
confirmed data breaches.
Investigators said that fact that 17% of attacks were highly
sophisticated and accounted for 95% of breaches proves that hackers
are motivated and know where and what to target.
"Good security and a proactive approach are paramount to running
a business in this day and age, particularly since the economic
crisis is likely to trigger a further increase in criminal
activity," said Peter Tippett, vice-president of research and
intelligence at Verizon Business Security Solutions.
The study found that nearly nine out of 10 breaches were
avoidable if security basics had been followed.
Hackers typically use default credentials or an improperly
configured database to break into systems and install software to
steal other access information.
Most of the breaches investigated did not require difficult or
expensive preventive controls, the report said.
"Mistakes and oversight failures hindered security efforts more
than a lack of resources at the time of the breach," the report
concluded.