Data breaches and successful hack attacks soared by 40% during 2012, according to a report by IBM, which cites the rise of a more brazen breed of hacker and the growth of state-sponsored attacks for the increase.
IBM’s X-Force 2012 study reports that the number of individual company breaches hit 1,502, compared with 1,088 data loss incidents in 2011.
At under three attacks per day, the figure may seem relatively small considering the potential target market, but each incident can involve millions of customer records.
“In 2012, near daily leaks of private information about victims were announced like game scoreboards through tweets and other social media,” IBM researchers said in the report. “Personal details, such as email addresses, passwords (both encrypted and clear text), and even national ID numbers were put on public display.”
Researchers also found that even with the increase in targeted and APT attacks, denial of service (DDoS) and site defacement attacks remained the most common attacks and over the course of the year only grew stronger.
IBM noted that as the year wound down, the intensity of DDoS attacks grew as higher loads of data were thrown at web servers in order to shut down service. The company found that attackers are trading in their PC botnets for more powerful zombie servers. In one case, banks were targeted with up to 70Gbit/s of data.
“The 2012 bank DDoS attacks appear to be coming in part not from infected PCs, but from compromised web servers that reside in high bandwidth data centres,” the company said. “By using security vulnerabilities in content management systems and other popular web frameworks, the attackers were able to create a botnet of web servers that have a much longer connected uptime, as well as having more bandwidth in general, than home PCs.”
Data breaches rocket 40% http://t.co/RhcPDcCFdo