Cyber-Crime 2012: Big Business for Attackers, Big Costs for Victims
The Ponemon Institute in October released a study of 56 companies that showed that the cost to them of dealing with cyber-attacks increased 6 percent this year compared with 2011. The report had more bad news: It took the businesses an average of 24 days to resolve a cyber-attack, at an average cost of $24,475 a day. Unfortunately, there was no shortage of businesses and organizations this year that had to put the statistics to the test. From colleges to corporations, the list of businesses hit by cyber-attacks this year was long and varied. And while the attacks hurt large numbers of people and businesses, the year also saw the appearance of advanced persistent threats targeting small numbers of organizations as part of sophisticated espionage campaigns. The Middle East, in particular, was a focus for these campaigns, some of which are suspected by many to be state-sponsored. This year was a good one for hackers, even as the FBI made arrests in connection with attacks by Anonymous affiliates and security vendors continued to push out malware signature after malware signature. Here, eWEEK highlights some of the most devastating breaches and hacks in 2012, what went wrong and how organizations can keep themselves from being entries on this list in 2013.
South Carolina Security Goes South
In October, officials in South Carolina's Department of Revenue admitted that information belonging to as many as 4.4 million people and businesses had been compromised in a breach. In the aftermath of the breach, it was revealed that an employee was tricked into opening a file laced with malware. From there, the perpetrators stole log-in credentials to department computers and then began pilfering information. (Image courtesy of WikiCommons)