Food and beverage industry top target for cyber crime
Trustwave has published its 2012 Global Security Report, based on more than 300 data breach investigations and 2,000 penetration tests performed worldwide last year by SpiderLabs.
For the second year in a row, the report shows the food and beverage industry is the top target for cybercriminals.
Additionally, more than a third of Trustwave SpiderLabs 2011 investigations occurred in a franchise business, and Trustwave researchers expect industries with franchise models will be most at risk in 2012. The report also unveils surprising findings about the most common password used by global businesses and the riskiest time of day to open an email attachment.
"We believe the Trustwave Global Security Report is the most comprehensive report on cybercrime and data breach trends, new and evolving threats, and recommendations of best security practices for organisations," said Nicholas J. Percoco, senior vice president and head of Trustwave SpiderLabs.
"In 2011, we performed 42 percent more data breach investigations and assembled a thorough study on business password practices. The information we have gathered highlights security trends and risks that businesses should address in 2012."
Key Report Findings
• What do cybercriminals want?: Customer records remain a valuable target for attackers, making up 89 percent of breached data investigated. While trade secrets or intellectual property followed at a distant six percent, highly targeted attacks designed to go after that type of data remain a growing concern, as their success rate is extremely high.
• Data breach investigations are on the rise: Trustwave performed 42 percent more investigations in 2011 than in the previous year – conducting more than 300 data breach investigations in 18 countries worldwide. The increase in investigations can be attributed to an increase in targeted, sophisticated attacks resulting in breaches, as well as more investigations in the Asia-Pacific region.
• The food and beverage industry remains the top target: For the second year, the food and beverage industry made up the highest percentage of investigations in 2011 at nearly 44 percent.
• Franchises and chain stores beware: Trustwave found that industries with franchise and chain store models are the top targets primarily because franchises often use the same IT systems across stores. If a cybercriminal can compromise a system in one location, they likely can duplicate the attack in multiple locations. More than a third of 2011 investigations occurred in a franchise business and this number is expected to rise in 2012.
• Global businesses have a password problem: Despite headlines regarding data breaches due to poor password practices, global businesses still allow employees and system administrators to use weak passwords. Analysing the usage and weakness trends of more than 2 million business passwords, Trustwave found that the most common password used by global businesses is "Password1" as it satisfies the default Microsoft Active Directory complexity setting.
• Careful when you open that attachment: 8:00 a.m. and 9:00 a.m. (Eastern Time, U.S.) is the most likely time for email sent with a malicious attachment.
• Self-detection of attacks and breaches is dismal: Self-detection of compromises decreased in 2011 and only 16 percent of victimised organisations were able to detect the breach themselves. The remaining 84 percent relied on information reported to them by an external entity: regulatory, law enforcement or public. In those cases, in which an external entity was necessary for detection, analysis found that attackers had an average of 173.5 days within the victim's environment before detection occurred.
• Law enforcement steps up its cybersecurity game: The good news for organisations is that the effectiveness of law enforcement to detect breaches increased almost five-fold in 2011. Thirty-three percent of organisations that reported a breach were notified by law enforcement, compared to just seven percent the previous year. This increase can be attributed to work performed by groups such as the United States Secret Service, Interpol, Australian Federal Police and UK's Serious Organised Crime Agency.
