WASHINGTON, August 2, 2010 – According to a study on Cybercrime released by Verizon Wireless almost half of security breaches in the United States Government are committed with the help of insiders with knowledge of the system. The report notes that while 70 percent of all data breaches are caused by external agents, 48 percent occur because of help from insiders, with 11 percent involving business transactions and 27 percent involving multiple parties.
Equally interesting, 48 percent of these breaches occur because of privilege misuse, a statistic which has jumped 26 percentage points since Verizon’s last report on Cybercrime in 2009. 40 percent resulted from hacking, while 38 percent utilized malware, 28 percent employed social tactics and 15 percent were physical in nature.
In making its recommendations for how to solve the problem of security breaches, Verizon made several recommendations in the study. Firstly, it suggested that companies eliminate unnecessary data and keep strict watch on what’s left. Secondly, they argued that essential controls should be put in place, with other suggestions including the filtering of outbound traffic from company servers, and monitoring event logs for evidence of misuse.
Verizon noted that previous precautions had evidently worked, given that the number of breaches had decreased over the previous year. Still, the report pointed out that, with 60 percent of breach incidents being discovered by external parties, security responses by those under assault could be improved.
Verizon also took a new approach with this report, collaborating with the Secret Service to gain more accurate data on cybercrime. According to Peter Tippett, Verizon Business vice president of technology and enterprise innovation, “This year we were able to significantly widen our window into the dynamic world of data breaches, granting us an even broader and deeper perspective. By including information from the Secret Service caseload, we are expanding both our understanding of cybercrime and our ability to stop breaches."