Attackers after customer and employee data the most, study finds
Personal employee or customer data accounts for almost half (45%) of stolen data, according to a report by US cyber security firm Imperva.
The report comprises a 12-month analysis of the top 100 data breaches between July 2021 and June 2022 from sources such as the web, breach reports and hackers’ forums.
Companies’ source code and proprietary information accounted for an additional 6.7% and 5.6% respectively. “More positively”, according to Imperva, theft of credit card information and password details has dropped by 64% compared to 2021.
“It’s very encouraging to see such a decline in stolen credit card data and passwords,” says Terry Ray, SVP and field CTO at Imperva. “It suggests that more organisations are using basic security tactics such as multi-factor authentication (MFA), which makes it much harder for outside cyber attackers to gain the access required to breach data.”
However, the CTO warned that personally identifiable information (PII), meaning any personal information, is the crème de la crème for cybercriminals as it allows them to “engage in full-on identity theft which is hugely profitable and very difficult to prevent”.
“Credit cards and passwords can be changed the second there is a breach, but when PII is stolen, it can be years before it is weaponised by hackers,” added Ray.
In terms of the root causes of attacks, the study named social engineering (17%) and unsecured databases (15%) as the two biggest culprits for data breaches, which the cyber security firm said is “particularly worrying” since these methods are relatively easy to mitigate.
A separate report identified similar findings, with over 80% of organisations stating their data is not protected well enough, and the same number highlighting an “Availability Gap” between how quickly they need systems to be recoverable and how quickly IT can bring them back.
Both reports point to the need for more efficient protection systems this year, particularly since 31% of businesses that identified cyberattacks in 2022 said they were attacked at least once a week.
The study also identified four new profiles for the main types of attacker: The Hit and Run attacker, who takes what they can and then leaves; The Curious attacker, who has a look around for what else they can steal; The Resident attacker, the most dangerous type, who will penetrate a network but then stick around unidentified; and finally The Inside attacker, who is activated by data being left exposed and whose motive is usually money and a dislike for the company.
To see how your business can better prepare for cyberattacks, check out TechInformed’s report into Ransomware.