30.05.2013 Views

Internet Security Threat Report Government 2013


p. 17

Symantec Corporation

Internet Security Threat Report 2013 :: Volume 18

Targeted Attacks, Hacktivism, and Data Breaches

[Figure: Targeted Attack Recipients by Role in 2012. Source: Symantec. Series: 2011, 2012, % change. Roles shown: Chief Exec. or Board Level; PR and Marketing; Personal Assistant; Research & Development; Human Resources; Sales; Senior Management; Shared Mailbox (info@, sales@, etc.). Axis: -15% to 30%.]

DDoS Used as a Diversion

In September, the FBI issued a warning to financial institutions that some DDoS attacks are actually being used as a “distraction.” These attacks are launched before or after cybercriminals engage in an unauthorized transaction and are an attempt to avoid discovery of the fraud and prevent attempts to stop it.

In these scenarios, attackers target a company’s website with a DDoS attack. They may or may not bring the website down, but that’s not the main focus of such an attack; the real goal is to divert the attention of the company’s IT staff towards the DDoS attack. Meanwhile, the hackers attempt to break into the company’s network using any number of other methods that may go unnoticed as the DDoS attack continues in the background. [5]
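A defender-side illustration of the FBI warning above, as an added example that is not part of the Symantec report: it flags high-value transfers made shortly before, during or after a DDoS alert window so that fraud review is not crowded out by the outage response. The record layout, the one-hour margin and the 50,000 threshold are assumptions, and the sample records are constructed.

```python
from datetime import datetime, timedelta

# Constructed sample data (not from the report): one DDoS alert window from a
# mitigation service and outbound transfers (id, timestamp, amount).
DDOS_WINDOWS = [("2012-09-18T13:00:00", "2012-09-18T15:30:00")]
TRANSFERS = [
    ("T1", "2012-09-18T09:10:00", 1_200),
    ("T2", "2012-09-18T12:40:00", 480_000),
    ("T3", "2012-09-18T14:05:00", 950),
    ("T4", "2012-09-18T14:20:00", 310_000),
    ("T5", "2012-09-18T16:10:00", 75_000),
    ("T6", "2012-09-19T10:00:00", 500_000),
]

MARGIN = timedelta(hours=1)  # assumed look-around for "before or after"
THRESHOLD = 50_000           # assumed amount that warrants manual review


def phase(when, start, end, margin):
    """Classify a timestamp relative to one DDoS window; None if unrelated."""
    if start <= when <= end:
        return "during"
    if start - margin <= when < start:
        return "before"
    if end < when <= end + margin:
        return "after"
    return None


def transfers_to_review(transfers, windows, margin=MARGIN, threshold=THRESHOLD):
    """Return (transfer_id, phase) for high-value transfers near a DDoS window."""
    parsed = [(datetime.fromisoformat(s), datetime.fromisoformat(e))
              for s, e in windows]
    flagged = []
    for tid, ts, amount in transfers:
        if amount < threshold:
            continue  # low-value transfers stay on the normal review path
        when = datetime.fromisoformat(ts)
        for start, end in parsed:
            where = phase(when, start, end, margin)
            if where:
                flagged.append((tid, where))
                break  # one match is enough to hold the transfer
    return flagged


if __name__ == "__main__":
    for tid, where in transfers_to_review(TRANSFERS, DDOS_WINDOWS):
        print(f"hold {tid}: high-value transfer {where} DDoS window")
```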

Data Breaches

The overall number of data breaches is down by 26 percent, according to the Norton Cybercrime Index, [6] though over 93 million identities were exposed during the year, a decrease of 60 percent over last year. The average number of identities stolen is also down this year: at 604,826 per breach, this is significantly smaller than the 1.1 million per breach in 2011.

In 2012, the most frequently targeted job role was in R&D, which accounted for 27 percent of attacks (9 percent in 2011). The second most notable increase was against sales representatives, probably because their contact details are more widely available in the public domain, with 24 percent of attacks in 2012 versus 12 percent in 2011. In 2011, C-level executives were the most targeted, with 25 percent, but this number fell to 17 percent in 2012.

So why are the number of breaches and identities stolen down in 2012? For starters, there were five attacks in which more than 10 million identities were stolen in 2011. In 2012 there was only one, which results in a much smaller spread from the smallest to the largest data breach. However, the median number—the midpoint of the data set—increased by 3.5 times in 2012, from 2,400 to 8,350 per breach. Using the median is a useful measure because it ignores the extremes, the rare events that resulted in large numbers of identities being exposed, and is more representative of the underlying trend.

Part of the wide difference between data breaches in 2011 and 2012 is likely due to a concerted effort by the notorious hacker groups Anonymous and LulzSec to publicize hacks during 2011—something that was not seen to the same extent in 2012. It’s possible that companies are paying more attention to protecting customer databases or that hackers have found other, more valuable targets, or that they are still stealing the data but not being detected.
