Hackers cast a wider net in launching cyber attacks

Data protection takes on new urgency as breach perimeter dissolves worldwide

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someonePrint this page

The num­ber of records com­pro­mised by cyber crim­i­nals is sky­rock­et­ing, accord­ing to find­ings of dig­i­tal secu­ri­ty giant Gemalto.

The Nether­lands-based com­pa­ny says its 2016 Breach Lev­el Index, a glob­al data­base that tracks data breach­es, found near­ly 1.4 bil­lion records were com­pro­mised world­wide last year—an 86 per­cent increase over 2015.

Such a big increase for all indus­tries com­bined pales in com­par­i­son to the increase suf­fered by finan­cial ser­vices com­pa­nies. The num­ber of finan­cial ser­vices records lost or stolen in cyber attacks jumped from 1.1 mil­lion in 2015 to 13.3 mil­lion last year—a 1,070 per­cent rise. This sec­tor serves as a glar­ing exam­ple of how attack­ers are steal­ing larg­er num­bers of records with each theft.

Tech­nol­o­gy com­pa­nies also expe­ri­enced a big increase in records lost or stolen—a 278 per­cent increase from 103.7 mil­lion in 2015 to 277.5 mil­lion last year. Tech com­pa­nies’ lost or stolen records account­ed for more than one-quar­ter of all indus­try losses.

The num­ber of attacks against tech­nol­o­gy companies—primarily com­pa­nies offer­ing tech­nol­o­gy ser­vices to clients—rose sig­nif­i­cant­ly in 2016. Secu­ri­ty breach­es increased 55 per­cent from 122 in 2015 to 189 last year.

Relat­ed sto­ry and info­graph­ic: Attack­ers reel in cash rewards from finan­cial firms

Out­side the tech­nol­o­gy indus­try, how­ev­er, the num­ber of breach­es declined, accord­ing to Gemal­to. Hack­ers and oth­er attack­ers launched 1,792 data breach­es world­wide last year—a 4 per­cent drop from 2015.

Insid­er threat less common

Mali­cious out­siders per­pe­trat­ed more than two-thirds of last year’s attacks, and iden­ti­ty theft was the most com­mon type of attack. Acci­den­tal loss account­ed for 19 per­cent of the data breach­es, and—despite all the atten­tion giv­en to the threat of attacks from with­in organizations—malicious insid­ers were respon­si­ble for only 9 per­cent of the breach­es, Gemal­to says.

Sole­ly con­sid­er­ing the num­ber of data breach­es, the health care indus­try was the hard­est hit, account­ing for more than one-quar­ter of all breach­es. Health care orga­ni­za­tions expe­ri­enced 493 breach­es, com­pared with 445 in 2015.

Despite the increase, the num­ber of records lost or stolen fell 75 per­cent from 143.2 mil­lion in 2015 to 35.3 mil­lion last year. Gemal­to says part of the rea­son for the big drop was dis­clo­sure of a mas­sive num­ber of records breached at Anthem in 2015 and nondis­clo­sure of num­bers relat­ed to 2016 breach­es in the health care industry.

The pub­lic sector’s cyber attack sta­tis­tics were oppo­site those of the health care industry—breaches declined and the num­ber of records lost or stolen rose. Agen­cies and oth­er gov­ern­ment enti­ties had 269 breach­es in 2016, down 9 per­cent from the pre­vi­ous year. The num­ber of records lost or stolen totaled 391.7 mil­lion, up 27 per­cent from 2015.

Action has rewards

Gemal­to says the retail sec­tor “has tak­en sig­nif­i­cant steps to stop cyber attacks—particularly at the point of sale—and per­haps it’s pay­ing off.” Retail­ers had 215 data breach­es in 2016, a 10 per­cent decline from the pri­or year. The num­ber of records stolen also fell from 40.1 mil­lion in 2015 to 32.5 mil­lion last year.

The edu­ca­tion sec­tor saw improve­ments in the num­ber of data breach­es and records lost or stolen. Breach­es totaled 157 last year, down 5 per­cent, and records lost or stolen dropped 78 per­cent to 4.4 million.

With 26 data breach­es last year, the hos­pi­tal­i­ty indus­try was the least hard hit of the sec­tors Gemal­to eval­u­at­ed. That num­ber, how­ev­er, was a big increase from only one breach in 2015.

Breach­es in indus­tries oth­er than those Gemal­to eval­u­at­ed, includ­ing social and enter­tain­ment sites, totaled 229 last year. That account­ed for 13 per­cent of all indus­tries’ total and was down 29 per­cent from 2015.

Gemal­to says, how­ev­er, that “a tremen­dous vol­ume of records”—500 million—was involved in the attacks last year against indus­tries oth­er than those Gemal­to eval­u­at­ed. That num­ber was up 300 per­cent from 124.8 mil­lion in 2015.

Breach­es pre­dom­i­nate in North America

North Amer­i­ca account­ed for 80 per­cent of all breach­es, Gemal­to found. The total num­ber of breach­es in the Unit­ed States, Cana­da, Mex­i­co and Cen­tral Amer­i­ca was 1,433, up 11 per­cent from the year before. Attacks in these regions result­ed in the theft of 1 bil­lion records or about three-quar­ters of all breach­es world­wide. This was an increase of 119 per­cent from 462.5 mil­lion in 2015.

Gemal­to says it’s “like­ly” that the pre­dom­i­nance of North Amer­i­can breach­es is relat­ed to more strin­gent data-breach dis­clo­sure laws in the Unit­ed States than in oth­er coun­tries out­side the con­ti­nent. The Unit­ed States had, by far, the most breach­es of any country—1,348 attacks that result­ed in the theft of 858 mil­lion records.

Europe had the next-high­est num­ber of data breach­es with 161 last year. The attacks in Euro­pean coun­tries result­ed in the theft or loss of 183.4 mil­lion records, up 94 per­cent from 2015.

The Asia-Pacif­ic region expe­ri­enced 145 data breach­es last year, up 11 per­cent from 2015. About 138 mil­lion records were stolen in these attacks—a big increase from 1.3 mil­lion in 2015.

What to do

As seen from the ris­ing num­bers, pro­tect­ing sen­si­tive data is get­ting more dif­fi­cult and con­sum­ing a big­ger chunk of spend­ing. Stay­ing steps ahead of hack­ers requires a shift in think­ing on data secu­ri­ty. While there is no mag­ic bul­let that will work for every orga­ni­za­tion, com­pa­nies should take a three-step approach to mit­i­gate the con­se­quences of a breach.

Those steps include: encrypt­ing all sen­si­tive data; secure­ly stor­ing and man­ag­ing all encryp­tion keys; and con­trol­ling access and authen­ti­ca­tion of users.

In today’s breach land­scape, these steps will help pre­vent busi­ness­es from becom­ing vic­tim­ized by cyber criminals.

More sto­ries about evolv­ing threats:
Expect ran­somware tar­gets, meth­ods to broaden
Steps to avoid being infect­ed by the ran­somware pandemic
Cyber rob­bers find cold, hard cash at small banks, cred­it unions