This year’s highly anticipated Verizon 2016 Data Breach Investigations Report (Verizon DBIR) analyzed cybersecurity findings from 100,000 incidents and 2,260 confirmed breaches, taking a deep dive into popular attack types and threats in 2015. During our June Twitter #SecChat, we discussed findings from the report, and examined prominent threats and their impact on industries. Participating in this chat were experts from Intel Security, Verizon, and other industry thought leaders. This lively conversation surfaced enlightening security insights and opinions. Here are some of the highlights:
Once again, phishing tops the list of attack vectors in the DBIR. Why do you think this method is so successful?
To start the chat, we asked participants for their take on phishing—one of the top attack vectors in 2015 according to the DBIR. Participants offered potential reasons for its success, as well as tips for prevention. Intel Security’s @Matt_Rosenquist stated that phishing continues to succeed due to ease of the attack, and novice skill-level needed for execution. @Marc_Spitler of Verizon followed up, emphasizing that all it takes is a single click for an attack to launch. Overall, experts suggested heightened security culture, education, and employee awareness as ways to mitigate this attack vector.
A1: Phishing is easy, cheap, & sufficiently effective tactic. It exploits human nature weakness. Tech + Behavior controls needed #SecChat
— Matthew Rosenquist (@Matt_Rosenquist) June 22, 2016
A1: Because it only takes one user to click and a foothold is established behind the FW & other perimeter defenses #SecChat
— Marc_Spitler (@Marc_Spitler) June 22, 2016
The DBIR shows a steep drop in market prices for stolen payment cards. Does that mean card theft will become unprofitable?
#SecChat participants expressed wariness around card theft, sharing ideas on why dark web prices may be plummeting. Intel Security’s @Raj_Samani pointed out that with the lower cost of attack has come a growing ROI—no signs of an unprofitable future. @jc_vazquez added that due to reduced profit from payment card theft, hackers have turned to stealing more valuable user data. @Matt_Rosenquist argued that a drop in market price relates to growth in supply, rather than a decline in demand—and that this threat type is still growing.
@IntelSec_Biz no, but now attackers know that medical records and data of users (ransomware) are more profitable #SecChat
— Juan Carlos Vázquez (@jc_vazquez) June 22, 2016
A4: Drop in black market credit card prices from $25 to $6 is due to more supply than demand. Overall impacts are still rising. #SecChat
— Matthew Rosenquist (@Matt_Rosenquist) June 22, 2016
Consistent with headlines, the DBIR reports a significant increase in ransomware. How can businesses slow its growth?
#SecChat participants agreed that ransomware’s complex nature doesn’t lend itself to one simple solution. As the problem continues to evolve, the industry response remains diverse. @Securelexicon points out attackers’ growing customer service skills and diligence when picking targets—selecting those who will drive the highest return. @Raj_Samani agreed that the threat’s increased focus on targeting verticals is a growing worry, possibly more problematic than the original scattered approach. @Marc_Spitler proposed that the security community’s focus should shift to limiting ransomware’s impact, a more feasible approach than trying to slow its growth. In addition, @Zulfikar_Ramazan argued that a shift in security strategy is the true solution to the problem, with a refocus on the human element of the threat.
@securelexicon certainly new #ransomware variants are targeting verticals – more worrying than original scattered approach #SecChat
— Raj Samani (@Raj_Samani) June 22, 2016
@securelexicon totally the -as-a-service operators for #ransomware are making it v.simple to use e.g. https://t.co/7r7cQLstnF #SecChat
— Raj Samani (@Raj_Samani) June 22, 2016
A6: Focus should be on limiting impact as opposed to slowing growth. Backups and protection of said backups and shared drives #SecChat
— Marc_Spitler (@Marc_Spitler) June 22, 2016
Our #SecChat provided some great insights from both the Verizon 2016 DBIR and the cybersecurity landscape as a whole. Thank you to everyone who joined the conversation! You can view the entire discussion on Twitter using the #SecChat hashtag. Be sure to follow @IntelSec_Biz to stay informed about upcoming chats!
The post June #SecChat Recap: Findings from the 2016 Verizon DBIR appeared first on McAfee.