Data Breach Study Spanning 500 Break-Ins Released

← Back to Stories (view on slashdot.org)

Data Breach Study Spanning 500 Break-Ins Released

Posted by samzenpus on Wednesday June 11, 2008 @11:57PM from the did-you-update-the-windows dept.

Dr. Jim Anderson writes "The good folks over at Verizon Business have released a report that summarizes what they've found after looking through 500 forensic investigations involving 230 million records, and analyzes hundreds of corporate breaches including three of the five largest ones ever reported. What did they find? How about (1) Nearly nine in 10 corporate data breaches could have been prevented had reasonable security measures been in place, (2) Fewer than 25 percent of attacks took advantage of a known or unknown vulnerability and (3) attacks from Asia, particularly in China and Vietnam, often involve application exploits leading to data compromise, while defacements frequently originate from the Middle East."

9 of 71 comments (clear)

Aarrgghhh!!! by DoofusOfDeath · 2008-06-12 00:00 · Score: 4, Funny

(2) Fewer than 25 percent of attacks took advantage of a known or unknown vulnerability and

How the hell are we supposed to defend ourselves against the 75% of attacks that are immune to the laws of logic???
1. Re:Aarrgghhh!!! by Anonymous Coward · 2008-06-12 00:09 · Score: 2, Funny
  
  No, no! What they are trying to say is that 75% took advantage of both a known and unknown vulnerability! You have to remember, the 'or' in this sentence was probably not written by a programmer.
Business Partners?? by Finallyjoined!!! · 2008-06-12 00:06 · Score: 4, Funny

Thirty-nine percent of breaches were attributed to business partners, a number that rose five-fold during the course of the period studied.

Some Partners!!

Watch your backs guys.

PS. How can 39% rise 5 fold?

--
If I had an Ass, I'd call it Fanny Bottom, then I could slap my Ass; Fanny Bottom, on the Arse.
Those aren't vulnerabilities... by gardyloo · 2008-06-12 00:17 · Score: 4, Funny

... those are features.
1. Re:Those aren't vulnerabilities... by Anonymous Coward · 2008-06-12 00:27 · Score: 1, Funny
  
  That was for the other 75%
Re:Fewer than 25 percent... by nocaster · 2008-06-12 01:13 · Score: 5, Funny

... took advantage of a known or unknown vulnerability? What the hell did the other 75% do?? username: admin
password: password
Re:Data transaction zones by watookal · 2008-06-12 01:16 · Score: 2, Funny

"Running NT4 also made sure USB sticks weren't an issue, though I believe they managed to upgrade to XP a few years ago, but testing was extensive."

The security dudes at my previous place of employment managed to devise a more portable solution to the USB stick problem: they simply glued shut the USB ports on all computers. No kidding.
Schroedinger's Vulnerability by Hoi+Polloi · 2008-06-12 02:14 · Score: 3, Funny

Clearly what they are referring to are quantum vulnerabilities. The exact nature of the vulnerability doesn't become clear until someone observes it.

--
It is by the juice of the coffee bean that thoughts acquire speed, the teeth acquire stains. The stains become a warning
Re:Fewer than 25 percent... by QuantumRiff · 2008-06-12 02:29 · Score: 3, Funny

TAKE down your damn post. I'm reporting you to the FBI for cracking my password!

--

What are we going to do tonight Brain?