Fewer Hacked Records Does Not Mean Better Security 23
snydeq writes "The total number of compromised records has dropped substantially over the past couple of years, but not because organizations have come up with a superior recipe for defending their networks, InfoWorld reports. Instead, attackers are continually employing more focused forms of attack, looking for company intellectual property and financial data. Moreover, the low hack rate is also indicative of increasing ambition on the part of criminals. 'Today's APT (advanced persistent threat) attacks are aimed at taking over entire companies. At that level, individual data records just aren't that interesting.'"
Fewer hacked records *noticed* (Score:3)
ftfy
Not sure about fewer records (Score:4, Interesting)
Why hack ... (Score:4, Funny)
Re: (Score:3)
Because that only gets you onezies and twozies. Why not crack into the Sony network and get more juicy pickings, lots of them, and while you're at it, disrupt gamers and drive them mad?
Facebook has few to no credit cards. If you brought them down, it would just mean people lost weight by getting some real exercise for a change.
more clicks does not mean better article (Score:3)
InfoWorld: Meh. It could use thirty links and multiple pages.
password = "password" (Score:5, Informative)
Table 8. Top 15 Threat Action Types by number of breaches and number of records
Category Threat Action Type Short Name Breaches Records
1 Malware Send data to external site/entity SNDATA 297 1,729,719
2 Malware Backdoor (allows remote access / control) MALBAK 294 2,065,001
3 Hacking Exploitation of backdoor or command and control channel HAKBAK 279 1,751,530
4 Hacking Exploitation of default or guessable credentials DFCRED 257 1,169,300
5 Malware Keylogger/Form-grabber/Spyware (capture data from user activity) KEYLOG 250 1,538,680
6 Physical Tampering TAMPER 216 371,470
7 Hacking Brute force and dictionary attacks BRUTE 200 1,316,588
8 Malware Disable or interfere with security controls DISABL 189 736,884
9 Hacking Footprinting and Fingerprinting FTPRNT 185 720,129
10 Malware System/network utilities (PsTools, Netcat) UTILITY 121 1,098,643
11 Misuse Embezzlement, skimming, and related fraud EMBZZL 100 37,229
12 Malware RAM scraper (captures data from volatile memory) RAMSCR 95 606,354
13 Hacking Use of stolen login credentials STLCRED 79 817,159
14 Misuse Abuse of system access/privileges ABUSE 65 22,364
15 Social Solicitation/Bribery BRIBE 59 23,361
Honorable Mention at #16
16 Hacking SQL Injection SQLINJ 54 933,157
Re: (Score:2)
DFCRED = dumb fuck credentials?
Please See Sony Story (Score:2)
That article will become invalid once the PS3 Network Hack is completely revealed.
Re: (Score:2)
That article will become invalid once the PS3 Network Hack is completely revealed.
You mean why the PSN is currently down? It seems, Sony, in it's infalliable wisdom, decided that since they PS3 could NOT get hacked, they made it so they didn't check CC# on the dev network. Apparently they made it so you could make Sony think your machine was a dev machine, and once on the dev network, they discovered other stuff, like Sony doesn't check CC#, they assume because you are on their network, you belong there.
It's like leaving your keys in the car, locking the doors, but leaving a window o
Re: (Score:3)
That article will become invalid once the PS3 Network Hack is completely revealed.
You mean why the PSN is currently down? It seems, Sony, in it's infalliable wisdom, decided that since they PS3 could NOT get hacked, they made it so they didn't check CC# on the dev network. Apparently they made it so you could make Sony think your machine was a dev machine, and once on the dev network, they discovered other stuff, like Sony doesn't check CC#, they assume because you are on their network, you belong there.
It's like leaving your keys in the car, locking the doors, but leaving a window open. And of course, you didn't noticed the window open until peeps were joyriding in your car, and stealing your CD's.
Or, it's like having a cellphone that can pay your bills, turn your car on, etc, and you leave it somewhere. oh, and you don't password protect the cell phone.
Sorry, the car example is wrong. Instead of a window down, it's like having a side window that doesn't lock, and you know the keys are in the car, but figured eveyone else will think it's locked since they shouldn't know about the broken lock on the window.
Sony has fixed this already (Score:2)
But I guess temporary blips in data make for lots of article writing.
Fix! (Score:1)