0

Troy Hunt claims that those responsible for data breaches are often just teenagers and there are reports that a lot of the breaches would appear to come from insiders. But we also hear a lot about the extent and sophistication of cybercrime. Also, companies seem to want to keep quiet about data breaches. So are there any reliable statistics about who is responsible for the majority of data breaches?

EDIT

I have amended the question so that it relates to database breaches rather than data breaches.

When I asked my original question I was coming from an interest in understanding who was behind the many database breaches – specifically the theft of password files – and hadn't appreciated that the term “data breach” had a broader reach (as explained in this Wiki definition). Troy Hunt's talk, “Lessons from a billion breached records”, was about this narrower concern.

In attacking the misattribution of such attacks in sensational press reports he made the point that often the perpetrators are youngsters with no criminal intent. Although he also recognised the involvement of organised crime, the impression I came away with was that it played a less significant role (though I appreciate that this might not be his actual position on the issue).

Having now read something about the extent and sophistication of organised crime I wondered if any other research into this area has made similar observations. I'm trying to reconcile Hunt's apparent assertion with reports about organised crime like:

The increasing threat from organized cybercriminals and state-sponsored cyber espionage means companies need to forget about the idea of a lone hackerSteve Ranger, ZDNet

The growth of the as-a-service economy across all components of an attack (research, cybercrime tools, and infrastructure) continues to grow, and none more so than hacking-as-a-serviceThe Hidden Data Economy, Intel Security

Peter Gregory
  • 139
  • 1
  • 2
  • 9

2 Answers2

2

Whilst it is going to be debatable about whether these sources are reliable, there are a fair number of sources of information about data breaches, which generally touch on who they think is responsible.

Basically there's loads of these reports from companies who deal in this space, which can be read to try and derive a picture of who's responsible for what.

Rory McCune
  • 60,923
  • 14
  • 136
  • 217
  • Would be grateful if you could comment on my amended question and my attempts to extract information from the Verizon DBIR report. I was unable to obtain a copy of the second report. It would seem to have a restricted circulation. The EY survey would appear just to cover companies' cybersecurity capabilities. – Peter Gregory May 02 '17 at 16:39
1

Re the Verizon DBIR report.

Because report is about “data breaches”, drawing conclusions about the narrower category of “database breaches” is somewhat problematic. I have extracted some figures from the Executive Summary which might lead one to think that organised crime does have a significant involvement in this area.

Who's behind the breaches? 75% by outsiders, 25% involved insiders, 51% involved organised criminal gangs.

What tactics do they use? 62% features hacking, 81% of these leveraged either stolen and/or weak passwords.

What else is common? 73% were financially motivated.

Peter Gregory
  • 139
  • 1
  • 2
  • 9