Physical Loss Or Theft Still Main Reason For Data Breaches

The physical theft or loss of a device containing corporate information is the largest single reason for data breaches, the latest Global Internet Security Report from Symantec reveals

Symantec’s latest Global Internet Security Report has revealed some interesting facts about cybercrime, including how a credit card number stolen in a data breach may be only worth as little as 85 cents (£0.55) in the criminal underworld.

Symantec’s whopping 97-page document details its review of the threat landscape in 2009.

While there was a significant drop in documented vulnerabilities – from 5,491 in 2008 to 4,501 in 2009 – Symantec’s analysis of data breaches during the year showed a notable change as well.

While the largest percentage (37 percent) of data breaches that could possibly lead to identity theft were still caused by physical theft or loss, a growing number were caused by hacking. According to Symantec, 60 percent of the data records exposed were compromised via hacking, up from 22 percent in 2008. Fifteen percent of breaches that could lead to identity theft were caused by hacking, a slight decrease from 2008, Symantec said.

Much of this can be attributed to the fallout resulting from the activities of notorious hacker Albert Gonzalez, who was recently sentenced for his role in a number of massive data breaches that exposed millions of records, the report said. The financial sector was hardest hit among the verticals analysed by Symantec, and accounted for 60 percent of the total identities exposed.

“Attackers have evolved from simple scams to highly sophisticated espionage campaigns targeting some of the world’s largest corporations and government entities,” said Stephen Trilling, senior vice president of security technology and response at Symantec, in a statement. “The scale of these attacks and the fact that they originate from across the world makes this a truly international problem requiring the co-operation of both the private sector and world governments.”

The international nature of cyber-crime was underscored in the report, which found a significant growth of malicious activity in countries such as Brazil and India. Brazil cracked the top three of Symantec’s list of countries with the most malicious activity, marking the first time since 2006 a country other than the United States, China or Germany has ranked in the top three. Brazil’s climb, the report says, is likely due to the country’s growing Internet infrastructure.

The top five most malicious countries, ranked in order, are: the United States, China, Brazil, Germany and India, according to the report.

Web-based attacks associated with malicious PDF files skyrocketed during the year. According to Symantec, the number of attacks targeting PDF viewers such as Adobe Reader accounted for 49 percent of the web-based attacks observed for the year, more than four times the 11 percent observed in 2008.The attack is not directly related to any specific vulnerability, but the contents of the malicious PDF file were designed to exploit arbitrary vulnerabilities in applications that process PDFs, the report explained.

While some of that increase may be due to targeted attacks focused on businesses, it is likely also related to the overall usage of the file format, Marc Fossi, executive editor of the report and manager of research and development with Symantec Security Response, told eWEEK.

“Because it’s now an open format, there are more PDF readers out there that can be potentially exploited,” he said. “Part of it may also be related to some people potentially thinking PDF files are safer than other types of files, such as word processing documents or spreadsheets.”