There’s a glimmer of good news on the cybercrime front.
Verizon released its annual Data Breach Investigations report Tuesday, and announced that the amount of data cyber criminals obtained or compromised in 2010 fell dramatically.
Why? Verizon thinks it’s due to good old-fashioned police work, as law enforcement around the world has been busy locking up the bad guys.
In 2008, Verizon said, 360.8 million records were compromised by data breaches, falling to 143.6 million records by 2009.
But in 2010, that number was a paltry 3.87 million records compromised. And that, Verizon said, shows that the biggest of the bad guys were off the grid in 2010.
In 2010, Verizon said, Albert Gonzalez received a 20-year prison sentence for his role in the TJX and Heartland Payment System breaches. Also in 2010, the company noted, Vladislov Horohorin, aka BadB, was arrested in Nice, France on a Secret Service warrant and is being extradited to the United States. Through the year, the Secret Service arrested more than 1,200 suspects for cybercrime violations.
All that activity changed the face of cyber crime in 2010. “In years past we’ve seen very massive breaches against large organizations, but a lot of those criminals are in jail now,” said Wade Baker, Verizon’s director of Risk Intelligence.
Instead, the criminals shifted away from major breaches of large companies toward smaller breaches at less well-guarded firms. “We think this might be a tactical shift on the part of the bad guys to less risky, easier targets,” Wade said. “Low hanging fruit, if you will.”
That’s part of the reason why 40 percent of breaches in 2010 occurred in the hospitality industry, 25 percent in retail, and a relatively small 22 percent in financial services.
“They treat this like a business," said Baker. "They want to sell this information on the black market. They use it to commit fraud, identity theft, drain bank accounts.”
And the data also describe a lot about the way cyber crime works. Ninety-two percent of attacks were not highly difficult, and 83 percent of the victims were essentially targets of opportunity, the study found. That suggests that criminals are looking for easy pickings, and not as much for specific information.
The most popular type of attack in 2010 was installation of malware that sends data to an external entity, followed by that which allows “backdoor” access or control of servers. Also popular was hacking that exploits guessable password credentials and key-logging software that captures what a user is doing on his or her computer.
The Verizon study did not include this month’s data breach at the marketing firm Epsilon, in which unknown hackers made of with names and email addresses of millions of customers of some of the world’s biggest companies. Potentially the largest breach ever, the Epsilon attack shows that in 2011 someone out there in the criminal underground is looking to step into the shoes of the hackers who have already been put behind bars.