According to the Chronology of Data Breaches by Privacy Rights Clearinghouse, a nonprofit organization that aims to raise awareness about how technology affects personal privacy, the number of companies that experienced a data breach in 2015 fell by 44% compared with 2014. At first glance, it would seem that predictions about 2015 being the “Year of the Super-Mega Breach” did not come true. But a closer look reveals that hackers stopped wasting time on trifles and focused on jackpots instead. Fewer incidents resulted in over 197 million compromised records, compared to 295 million in 2014.
Furthermore, security experts still cannot assess the actual damage for 68% of data breaches, so obviously the number of compromised accounts is going to increase. Apparently, cyberattacks have become more targeted and sophisticated than ever and now pose an equal threat to all companies that handle any type of sensitive data, including financial and personal.
I have picked out five patterns of cybercrime that were the most common root cause of security incidents in 2015. The data breaches listed below are ranked by the number of reported cases and point to the security threats that will require the most vigilance in 2016.
- Hacking or malware. Malware and electronic entry by an outside party remained the leading cause of data breaches for the second year in a row. Overall, 92 registered cases occurred because hackers gained unauthorized entry into a company’s systems via Web app attacks, spyware, social engineering and Trojans. This includes the lion’s share of all customer data compromised (around 195 million records).
- Portable devices. The second most frequently reported type of cybercrime was unauthorized access to information stored on portable devices, including laptops, smartphones and external hard drives. Overall, 28 security incidents investigated to date resulted in the loss of over 20,000 sensitive data records this year.
- Unintended disclosure. The human factor is still a serious issue for data security. More than 38,000 records were exposed in 26 incidents due to employees’ errors, such as misdirected emails and confidential information accidentally posted on companies’ websites.
- Insider misuse. Company employees or contractors with legitimate access to sensitive information posed a threat to data integrity in 11 cases. Despite the relatively small number of incidents, insiders caused significant damage and compromised more than 600,000 customer records.
- Physical loss. Lost, discarded or stolen non-electronic assets with sensitive information (e.g. paper documents), as well as card skimming and theft of stationary devices, became the root cause of data leaks in five cases, resulting in the loss of 1,100 records.
The huge number of compromised records shows that we are still lagging behind highly motivated intruders. Companies need to adopt a new cybersecurity mindset and combine conventional perimeter protection with deep visibility into their networks to gain better control over the IT infrastructure and minimize the risk of data loss.