Study confirms demise of the myth of attacks from within
Last year, network giant Verizon suggested that the 'attack from within' was more of a myth than a serious threat. A study by UK security services provider 7Safe in conjunction with the University of Bedfordshire underpins this suspicion. Of 60 incidents investigated, only 2% could be traced back to internal attackers.
However, 18% of attacks were found to have taken place via systems belonging to business partners. The report emphasises that this does not necessarily mean that these partners were themselves the attackers; rather, their infrastructure may have been misused after itself being broken into. The study does not examine what proportion of this type of attack was the result of such misuse.
Notably, credit, debit or other card data was stolen in 85% of the attacks, confidential business data in just 7% and intellectual property in just 3%. In 86% of cases, attackers accessed data by exploiting vulnerabilities in web applications operated by the victims. SQL injection vulnerabilities and insecure server configurations were together responsible for almost three quarters of incidents. In most cases, the methods used by the attackers were not particularly sophisticated. Surprisingly, Vietnam, responsible for 36% of attacks, headed the list of countries from which the attacks originated.
The complete report "UK Security Breach Investigations Report – An Analysis of Data Compromise Cases 2010" is available to download.