/ciol/media/agency_attachments/c0E28gS06GM3VmrXNw5G.png)
Follow UsBANGALORE, INDIA: The latest in the Data Breach Investigations Report series by Verizon Business security experts provides enterprises with an unprecedented look at the 15 most common security attacks and how they typically unfold.
In the “2009 Supplemental Data Breach Investigations Report: An Anatomy of a Data Breach,” Verizon Business security experts tap the company’s detailed investigative records to identify, rank and profile the most common attacks.
Peter Tippett, vice president, technology and innovation, Verizon Business, said: “This supplemental report seeks to address the thousands of inquiries we’ve received from companies around the world wanting a more detailed explanation of attacks, as well as requests for additional recommendations for deterring, preventing and detecting breaches. This follow-up analysis is aimed at helping organizations better safeguard their organizations by understanding the anatomy of a data breach and how cybercriminals work.”
The top 15 most common security attacks
Key-logging and spyware: Malware specifically designed to covertly collect, monitor and log the actions of a system user.
Backdoor or command/control: Tools that provide remote access to or control of infected systems, or both, and are designed to run covertly.
SQL injection: An attack technique used to exploit how web pages communicate with back-end databases.
Abuse of system access/privileges: Deliberate and malicious abuse of resources, access or privileges granted to an individual by an organization.
Unauthorized access via default credentials: Instances in which an attacker gains access to a system or device protected by standard preset (widely known) usernames and passwords.
Violation of acceptable use and other policies: Accidental or purposeful disregard of acceptable use policies.
Unauthorized access via weak or misconfigured access control lists (ACLs): When ACLs are weak or misconfigured, attackers can access resources and perform actions not intended by the victim.
Packet Sniffer: Monitors and captures data traversing a network.
Unauthorized access via stolen credentials: Instances in which an attacker gains access to a protected system or device using valid but stolen credentials.
Pretexting or social engineering: A social engineering technique in which the attacker invents a scenario to persuade, manipulate, or trick the target into performing an action or divulging information.
Authentication bypass: Circumvention of normal authentication mechanisms to gain unauthorized access to a system.
Physical theft of asset: Physically stealing an asset.
Brute-force attack: An automated process of iterating through possible username/password combinations until one is successful.
RAM scraper: A fairly new form of malware designed to capture data from volatile memory (RAM) within a system.
Phishing (and endless “ishing” variations): A social engineering technique in which an attacker uses fraudulent electronic communications (usually e-mail) to lure the recipient into divulging information.
In addition to the extensive threat catalogue, the supplemental report includes an appendix that compares Verizon’s caseload with DataLossDB, a public database of reported incidents worldwide.