jason atchley
Rebekah Mintzer, Corporate Counsel
Read more: http://www.corpcounsel.com/id=1202728825336/As-Data-Breaches-Go-On-Hackers-See-Big-Profits#ixzz3cgZLFor0
As Data Breaches Go On, Hackers See Big Profits
If you were told that a new venture for your business would reap nearly 1,500 percent returns, would you pull the trigger? Cybercriminals certainly do. According to a new report from Trustwave Holdings Inc., this is the ROI that an enterprising hacker can get on certain types of breaches involving ransomware, which essentially involves taking data hostage by encrypting it until the rightful owner pays up.
The potential profits from breaches are not the only unnerving statistics revealed in the “2015 Trustwave Global Security Report,” in which the security company analyzes data collected from 574 breach investigations across 15 countries last year.
For starters, it appears that some companies are failing to figure out that they’ve been breached. “Anytime you discover a breach yourself, you’re going to get a jump on things,” Charles Henderson, vice president of managed security testing at Trustwave, told CorpCounsel.com. Clearly, some companies are falling behind. In 81 percent of the investigations studied, the victim organization didn’t detect the incursion internally.
This has real consequences. According to the data, self-detected breaches only lasted a median of 14.5 days from intrusion to containment. Those that were externally detected lasted a median of 154 days. Henderson added that those companies with their own detection capabilities (or with their own managed security services to detect breaches for them) create their own hacker deterrence.
“I think the reason that most companies don’t self-detect is that the companies that are in the position to self-detect in the first place don’t tend to get breached, because they remain in a much better position from a security perspective,” Henderson said.
The report also looked at where breaches are occurring, and concluded that the U.S. is still a big target, with half the compromises happening within U.S. borders. However, this is a 9 percent decrease from last year. Other countries, such as Australia and the U.K., with 24 percent and 14 percent of attacks, respectively, are taking more of the heat.
Looking at the industries being breached, the most compromised, according to Trustwave, is retail, with 43 percent of investigations in 2014, up from 35 percent in 2013. Henderson said that retailers place a lot of time and energy into their core business and the bottom line. “So security becomes an afterthought,” he said. “But I think more and more you’re seeing retailers paying more attention to security.” Behind retail was the food and beverage industry, followed by hospitality, two other sectors that might not yet be accustomed to focusing on customer data protection.
The report also delved into a perennial problem for companies: trying to encourage the use of better passwords among employees to mitigate breach risk. By looking at thousands of passwords found in penetration testing over the past year, Trustwave found that “Password1” still reigns as the most used password, followed by “Welcome1,” likely because simple passwords are set by network administrators and then never get changed by employees.
If they weren’t using variations on words like “password,” employees often used variations on names and places. Some 8.4 percent of passwords used names from the top 2,000 baby names, and 4.9 percent used U.S. city names. These credentials may be easier for hackers to figure out.
Password length was a big issue as well. Most passwords did not exceed eight characters, the number often required by policy. The report pointed out that the estimated time it takes to crack an eight-character password is a single day, while a password that is slightly longer, at 10 characters, is much safer, taking an estimated 591 days.