Gemalto further says cyber criminals are casting their eyes further afield than traditional, historical financial attacks. The "easy money" for hackers and crackers is coming less from banks and more from ransomware and identity theft. In fact, identity theft accounted for 59% of all data breaches in 2016, up 5% from 2015.
"The Breach Level Index highlights four major cyber criminal trends over the past year. Hackers are casting a wider net and are using easily-attainable account and identity information as a starting point for high value targets. Clearly, fraudsters are also shifting from attacks targeted at financial organisations to infiltrating large data bases such as entertainment and social media sites. Lastly, fraudsters have been using encryption to make breached data unreadable, then hold it for ransom and decrypting once they are paid," said Graeme Pyper, regional director, Australia and New Zealand at Gemalto.
This data comes from Gemalto's 2016 Breach Level Index, released last week. The figure of 1.4 billion compromised records is an increase of 86% compared to 2015. About 52% of the data breaches in 2016 did not disclose the number of compromised records at the time they were announced. Some industries, such as healthcare, have still not disclosed the number of affected records. In fact, for 940 of the 1792 breaches the amount of data involved is not publicly known.
Gemalto states more than seven billion records have been exposed since 2013 when the index was started. This comes to over three million records compromised daily, or 44 records a second.
By far, the number one breach was Adult Friend Finder, hit by an account access data breach by a malicious outsider, exposing more than 400 million records. Coming in second was an identity theft attack by a malicious outsider on the Philippines' Commission on Elections with 77.7 million records stolen, including fingerprints.
In the 2016 index, Gemalto includes 145 reported incidents across APAC, with 44 in Australia alone. As this is self-disclosed data, Gemalto notes this is only "the tip of the iceberg" as mandatory data breach reporting legislation comes into effect.
Account-access-based breaches have decreased by 3% since 2015 but had a far greater impact, making up 54% of all breached records, which is an increase of 336%. Gemalto notes this highlights the cyber criminal trend away from financial data to bigger databases that contain larger volumes of personally identifying information.
By far the largest target for data breaches was healthcare, accounting for 28% of all data breaches, up 11% from 2015. However, the number of compromised data records has decreased by 75% from the previous year. Financial services companies accounted for 12% of data breaches, down 23% from 2015.
A big takeaway for IT managers from Gemalto's research is that only 4.2% of the total number of breach incidents involved data that had been encrypted in part or in full. Of the 1.4 billion records compromised, only 6% were encrypted partially or in full.
While this represents an increase from 2015's 4% of incidents and 2% of encrypted records, it is still a small number. Pyper notes that an organisation's security efforts cannot simply rest at the perimeter, but must also include a means of making data useless should an unauthorised person get hold of it.
"Knowing exactly where their data resides and who has access to it will help enterprises outline security strategies based on data categories that make the most sense for their organisations. Encryption and authentication are no longer ‘best practices’ but necessities. This is especially true with new and updated government mandates like the upcoming changes to Australia’s mandatory data breach notifications. But it’s also about protecting your business’ data integrity, so the right decisions can be made based on accurate information, therefore protecting your reputation and your profits," he said.
In fact, in this modern day of pervasive cloud technology there is almost no perimeter anymore. Thus, the Breach Level Index truly highlights to IT departments the seriousness of protecting data. Encrypting data to make it useless to attackers is paramount. Similarly, containing the places where data can go and limiting access to data are also important strategies. Gemalto refers to this as protecting data at "rest and in motion".