Data Breaches Quintuple but Compromised Record Tally Drops in 2010: Survey

Verizon's 2010 Data Breach Report found that the number of data breaches quintupled from 2009, highlighting the shift as cyber-criminals target smaller businesses.

While the number of data breaches soared in 2010, the amount of information lost has dropped dramatically, according to Verizon's latest data breach survey. The contradiction underscores what some security experts have been saying: attackers are increasingly targeting smaller companies because it's easier.

Released April 19, the latest "2011 Verizon Data Breach Investigations Report" from Verizon Business counted 760 data breaches in 2010, compared to only 141 data breaches in 2009. Verizon noted a dramatic decline of 97 percent in the number of compromised records in 2010, as compared to 2009.

In fact, in the seven years that Verizon has been working on this report, the 2010 numbers set records for both the highest number of incidents and lowest amount of data loss. Other data breach studies reported similar dramatic drops in the number of compromised records in 2010, as cyber-criminals shifted their focus toward smaller attacks.

"The number of incidents in 2010 was truly dramatic and equal to the total number of breaches over six previous years," David Ostertag, the global investigations manager for Verizon, told eWEEK.

Cyber-criminals targeted small businesses with between 11 and 100 employees and did not worry about the biggest organizations, according to Ostertag. Attackers are less likely to get caught because many of those small businesses do not have the kind of security expertise in place to prevent or detect breaches, Ostertag said.

"The bad guys are exploiting people who haven't taken basic security considerations into account in their small business," Ostertag said. The attacker running an automated attack is looking for people who have "let their guard down," according to Ostertag.

Hacking and malware were the most prominent types of attack, playing a role in 50 percent and 49 percent, respectively, of all cases examined in the report. The hacking incidents generally involved weak or stolen login credentials. However, SQL injection attacks remained the biggest and most effective attack mechanism.

A significant majority, 92 percent, of the breaches were blamed on an outside party and not on a corrupt insider.

Even so, "internal agents are as threatening as before," said Ostertag, noting that the smaller percentage was a direct result of the tremendous increase in the overall number of attacks.