Verizon: Old Flaws, Weak Passwords Lead to Breaches
The Verizon Data Breach Investigations Report once again shows that shoddy security practices and lack of patching are at the heart of most breaches.

The annual Verizon Data Breach Investigations Report (DBIR), released April 26, provides visibility into the state of security and why breaches occur. The 2016 report is based on Verizon's analysis of more than 100,000 security incidents, of which 2,260 were confirmed as data breaches. In contrast, the 2015 report received data from 79,790 security events, with 2,122 confirmed data breaches.

As was the case in the 2015 report, Verizon once again has found that little has changed in the breach landscape, with attackers using the same tactics and organizations failing in the same basic areas of security. Known vulnerabilities continue to be a root cause for many breaches, explained Suzanne Widup, senior consultant, Network and Information Security, Verizon RISK Team and a co-author of the DBIR. According to the DBIR, 85 percent of all successful exploits in the last year can be attributed to 10 already-patched vulnerabilities. In some cases, the patches have been available for years, and vulnerabilities from 1999 can still show up as root causes of breaches.

"Attackers are still exploiting old vulnerabilities really well, and they don't have to use zero-days," Widup told eWEEK. "There are a lot of things that really should have been patched a long time ago."
The older vulnerabilities are typically "weaponized" in an exploit toolkit, which makes them easier for attackers to use. Widup emphasized that there are no good reasons why organizations should not patch their systems.
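The practical takeaway from the report is that the dangerous exposures are the ones where a fix has existed for months or years and was never applied. The following Python example, added here as an illustration and not taken from the DBIR or from Verizon, shows one way a defender can surface exactly that from a vulnerability-scan inventory: it computes the patch lag (days between a vendor fix being published and the asset being remediated, or today if it never was) and ranks the assets with the oldest open findings first. The asset names, vulnerability ids and dates in the sample inventory are constructed for the example and are not real identifiers.

```python
from dataclasses import dataclass
from datetime import date
from typing import Optional, List, Tuple, Dict


@dataclass(frozen=True)
class Finding:
    """One scanner finding: a vulnerability observed on an asset."""
    asset: str
    vuln_id: str
    fix_available: date            # date a vendor fix was published
    remediated: Optional[date]     # date the asset was patched, or None if still open


# Constructed sample inventory (hypothetical hosts, ids and dates, not from the report).
SAMPLE_FINDINGS: List[Finding] = [
    Finding("web-01", "VULN-EXAMPLE-1", date(2014, 4, 7), None),
    Finding("web-01", "VULN-EXAMPLE-2", date(2016, 3, 1), date(2016, 3, 15)),
    Finding("db-02",  "VULN-EXAMPLE-1", date(2014, 4, 7), date(2015, 1, 10)),
    Finding("vpn-03", "VULN-EXAMPLE-3", date(1999, 6, 1), None),
]


def patch_lag_days(finding: Finding, as_of: date) -> int:
    """Days the asset stayed (or has stayed) exposed after a fix was available."""
    end = finding.remediated or as_of
    return (end - finding.fix_available).days


def open_exposures(findings: List[Finding], as_of: date,
                   max_age_days: int = 30) -> List[Tuple[str, str, int]]:
    """Return (asset, vuln_id, lag_days) for findings that are still unpatched
    and have been open longer than max_age_days, oldest exposure first."""
    rows = [(f.asset, f.vuln_id, patch_lag_days(f, as_of))
            for f in findings if f.remediated is None]
    rows = [r for r in rows if r[2] > max_age_days]
    return sorted(rows, key=lambda r: r[2], reverse=True)


def assets_by_exposure(findings: List[Finding], as_of: date,
                       max_age_days: int = 30) -> Dict[str, int]:
    """Count overdue open findings per asset so the worst hosts float to the top."""
    counts: Dict[str, int] = {}
    for asset, _, _ in open_exposures(findings, as_of, max_age_days):
        counts[asset] = counts.get(asset, 0) + 1
    return dict(sorted(counts.items(), key=lambda kv: -kv[1]))


if __name__ == "__main__":
    report_date = date(2016, 4, 26)   # the DBIR release date, used as "today"
    for asset, vuln, lag in open_exposures(SAMPLE_FINDINGS, report_date):
        print(f"{asset:8} {vuln:16} unpatched for {lag} days")
    print(assets_by_exposure(SAMPLE_FINDINGS, report_date))
```

Feeding real scanner output into `SAMPLE_FINDINGS` (with the fix date taken from the vendor advisory) turns this into a simple patch-lag dashboard; sorting by age rather than by severity score is what makes the years-old, long-fixed vulnerabilities the report describes stand out.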