Fewer Hacked Records Does Not Mean Better Security 23
snydeq writes "The total number of compromised records has dropped substantially over the past couple of years, but not because organizations have come up with a superior recipe for defending their networks, InfoWorld reports. Instead, attackers are continually employing more focused forms of attack, looking for company intellectual property and financial data. Moreover, the low hack rate is also indicative of increasing ambition on the part of criminals. 'Today's APT (advanced persistent threat) attacks are aimed at taking over entire companies. At that level, individual data records just aren't that interesting.'"
password = "password" (Score:5, Informative)
Table 8. Top 15 Threat Action Types by number of breaches and number of records
Category Threat Action Type Short Name Breaches Records
1 Malware Send data to external site/entity SNDATA 297 1,729,719
2 Malware Backdoor (allows remote access / control) MALBAK 294 2,065,001
3 Hacking Exploitation of backdoor or command and control channel HAKBAK 279 1,751,530
4 Hacking Exploitation of default or guessable credentials DFCRED 257 1,169,300
5 Malware Keylogger/Form-grabber/Spyware (capture data from user activity) KEYLOG 250 1,538,680
6 Physical Tampering TAMPER 216 371,470
7 Hacking Brute force and dictionary attacks BRUTE 200 1,316,588
8 Malware Disable or interfere with security controls DISABL 189 736,884
9 Hacking Footprinting and Fingerprinting FTPRNT 185 720,129
10 Malware System/network utilities (PsTools, Netcat) UTILITY 121 1,098,643
11 Misuse Embezzlement, skimming, and related fraud EMBZZL 100 37,229
12 Malware RAM scraper (captures data from volatile memory) RAMSCR 95 606,354
13 Hacking Use of stolen login credentials STLCRED 79 817,159
14 Misuse Abuse of system access/privileges ABUSE 65 22,364
15 Social Solicitation/Bribery BRIBE 59 23,361
Honorable Mention at #16
16 Hacking SQL Injection SQLINJ 54 933,157