A new report released today from Verizon Business, “2009 Supplemental Data Breach Investigations Report: An Anatomy of a Data Breach,” takes a look at the 15 most common types of security attacks. The report is drawn from data published in the “2009 Verizon Business Data Breach Investigations Report,” issued in April. That study reviewed the cybercrime cases worked by Verizon’s Investigative Response team and analyzed more than 90 forensic investigations involving some 285 million compromised records.
The report identifies and profiles the most common attacks. For each type of attack, the report provides case examples, frequency of occurrence, threat sources, warning signs, controls that can deter or prevent threats, and commonly affected industries.
The report identifies and ranks by frequency the following top 15 types of attacks:
- Keyloggers and spyware.
- Backdoor or Command/Control.
- SQL injection.
- Abuse of system access/privileges.
- Unauthorized access via default credentials.
- Violation of Acceptable Use and other policies.
- Unauthorized access via weak or misconfigured ACLs.
- Packet sniffer.
- Unauthorized access via stolen credentials.
- Pretexting (social engineering).
- Authentication bypass.
- Physical theft of asset.
- Brute-force attack.
- RAM scraper.
- Phishing (and variants).
It’s interesting to observe that 6 of the 15 list proper egress filtering as one method of mitigating the attack. That’s more than a third of the most common attacks that can be stopped by proper firewall configurations. Read the whole thing.