10 Things You Need to Know About Data Theft

By Karen A. Frenkel  |  Posted 06-09-2014 Email Print this article Print

A new Trustwave report analyses the behavior of cybercriminals and details the type of information they target most, industries most compromised, how break-ins often occur, malware trends and other critical components of breaches that affect the enterprise. Security firm Trustwave Holdings, Inc. conducted the "2014 Trustwave Global Security Report" by gathering data from 691 breach investigations, a 54 percent increase from 2012, from 24 countries. The Trustwave report also offers an action plan and makes recommendations on how users can protect themselves from cybercriminals. It suggests that IT executives educate their staffs and employees on best security practices, and recommends "annihilating weak passwords" and enforcing authentication policies and practices. Because attackers are diversifying their methods and targets, the report recommends assessing data protection across all assets. "Use penetration testing to evaluate how resilient your systems are to compromise," the report advises. "Develop, institute and rehearse an incident response plan, and identify which events or for indicators of compromise should trigger the plan." To download the report (registration required), click here

  • Cybercriminals Increasingly Target Credit Card Data

    Payment card data continues to top the list of types of data compromised, with 55% of data thefts in 2013 involving payment card data.
    Cybercriminals Increasingly Target Credit Card Data
  • Cybercriminals Steal Confidential Information More Often

    Cybercriminals go after sensitive and confidential information, like financial credentials, internal communications, personally identifiable information and various types of customer records. This type of theft increased 33% in 2013.
    Cybercriminals Steal Confidential Information More Often
  • Targeted Assets: Commerce and Data Systems

    E-commerce made up 54% of targeted assets, point-of-sale breaches accounted for 33%, and data centers for 10%.
    Targeted Assets: Commerce and Data Systems
  • Who Suffers the Most?

    Most victims (59%) live in the U.S., more than four times the next victim location, which is the United Kingdom (14%). Australia ranks third at 11%.
    Who Suffers the Most?
  • Leading Compromised Industries

    35% of attacks struck retailers. Food and beverage ranks second at 18%. Hospitality came in third at 11%.
    Leading Compromised Industries
  • Malware Hosts

    The top three malware countries where cybercriminals are hosted: U.S.: 42%, Russia: 13%, Germany: 9%
    Malware Hosts
  • Spam Still a Favorite

    Cybercriminals love spam. 70% of inbound e-mail included spam, a 5% drop since 2012. 59% of malicious spam included malicious attachments and 41% included malicious links.
    Spam Still a Favorite
  • Favorite E-Mail Subject Lines

    The top three subject lines of spam e-mails are: "Some Important Information Is Missing." "Bank Statement. Please Read." "Important—Payment Overdue."
    Favorite E-Mail Subject Lines
  • Cybercriminals Rely on Java Applets

    Java applets are cybercriminals' delivery method of choice, with 78% of detected exploits taking advantage of Java vulnerabilities.
    Cybercriminals Rely on Java Applets
  • Cybercriminals Exploit Third-Party Plug-Ins

    85% of cybercriminal activity detected in 2013 exploited third-party plug-ins, including Java, Adobe Flash and Acrobat Reader.
    Cybercriminals Exploit Third-Party Plug-Ins
Karen A. Frenkel writes about technology and innovation and lives in New York City.


Submit a Comment

Loading Comments...
Thanks for your registration, follow us on our social networks to keep up-to-date