Once again, Verizon has opened the doors on the reality of a data breach with the launch of the Verizon 2018 Data Breach Digest (DBD) series, enabling businesses to read undisclosed stories from the company’s cyber-investigative vault.
The Data Breach Digest series puts cybercrime in context, outlining the (anonymized) specifics of data breaches and cybersecurity incidents for cyber defenders across all businesses to benefit from Verizon’s insights.
Cybercrime victims often believe they are the victim of an isolated attack; in reality, this is not the case: thousands of companies experience data breaches or cybersecurity incidents every month. Unfortunately, most breaches are never publicly disclosed, preventing others from learning from the facts. This plays to the advantage of cybercriminals, enabling them to reuse successful breach tactics time and time again on new, unsuspecting organizations.
By opening up Verizon’s cybercrime files via the Data Breach Digest scenarios, we are offering a panoramic insider’s view of cyber threat activities in an effort to share what we have seen with other organizations around the globe. Our hope is that we can learn together – and in doing so, better equip ourselves in the fight against cybercrime.
Read all about it!
This year, each story is told from a different perspective, and from a different business sector. Readers are guided through the breach from the initial disclosure to the Verizon team; the investigative response; and then lessons learned. Tips on detection, response, mitigation and prevention are also offered.
- Credential Theft – the Monster Cache: Credentials are an increasingly common target for cybercriminals, but credential theft is actually relatively easy to prevent. This story outlines how the development of cyberattack models, which outline threat actor goals, capabilities, and methods, was combined with organization profiling to help organizations protect themselves against attack. This case demonstrates how an awareness of an attack vector common to the target’s specific industry could have prevented a major data breach.
- Insider Threat – the Card Shark: For this case, Verizon experts conducted a Payment Card Industry (PCI) forensic investigation on unauthorized ATM withdrawals. What they found was a network and physical security structure flawed from start to finish. This case walks readers through the investigation to see the many process and policy challenges that enabled this attack.
- Crypto-Jacking Malware – the Peeled Onion: Sometimes attackers care less about proprietary information and more about processing power. This incident demonstrated how a strong firewall can be undone with missed security patches, turning a client’s system into a stealthy cryptocurrency miner.
- Third-Party Palooza – the Minus Touch: Digital forensics starts with the data – but what if there’s no data to be found? A blank hard drive and an uncooperative co-location data center start the Verizon team on a hunt for the what/where – and what was done with it!
Share information to break the silence
Verizon has always prided itself on sharing cybercrime and threat pattern data, and that is one of the driving forces behind publishing our annual Data Breach Investigations Report (DBIR). Only by sharing cybercrime information can companies and governments effectively combat cyber threats. This year, DBIR data gathered from around the world was made accessible to information security practitioners to help them understand the evolving threats they face. The Verizon DBIR Interactive tool, an online portal, enables organizations around the globe to explore the most common DBIR incident patterns from the report.
It is our intention that this knowledge sharing continues – now and in the future. We hope that companies will continue to proactively share information on breaches as time progresses. Barriers are already lowering, as businesses discover there is more to be learned from sharing than from sitting in silence.