Verizon 2012 hacking report says activist groups were tied to a high percentage of worldwide hacking

The Verizon 2012 data breach Report of  2011 showed  855 breach incidents and 174 million compromised records.  They stated that 98% stemmed from External Agents and 4 % were internal employees, (58% of those data thefts were tied to activist groups.  “Most breaches were avoidable (at least in hindsight) without difficult or expensive countermeasures. Low levels of PCI DSS adherence highlight a plethora of issues across the board for related organizations.  Ie.  Hacking, Malware, physical attacks, social tactics, privilege misuse.

Basic tips to mitigate breaches…

Smaller organizations

• Implement a firewall or ACL on remote access services
• Change default credentials of POS systems and other Internet-facing devices
• If a third party vendor is handling the two items above, make sure they’ve actually done them

 Larger organizations

• Eliminate unnecessary data; keep tabs on what’s left
• Ensure essential controls are met; regularly check that they remain so
• Monitor and mine event logs
• Evaluate your threat landscape to prioritize your treatment strategy
• Refer to the conclusion of this report for indicators and mitigators for the most common threats

For more details, read entire report.