RSA 2012 First Impressions


Security for mobile, cloud and social technologies is the big focus at this year’s RSA conference being held at Moscone Center in San Francisco. Topics include everything from mobile device management and individual device protection (e.g. virus protection) to authentication and intrusion tools, new hacking techniques and the latest ideas in intelligence-driven security. The highly visible security breaches of the past year mean that the network providers and application developers at the conference are attending sessions and visiting exhibits fully aware that they could face a huge user backlash if their systems are hacked.

A good place to start was Verizon’s release at the conference of the preliminary results of their upcoming 2012 Data Breach Investigations Report. This annual report uses data from Verizon’s own investigations into breach cases over the past year to better understand how threats are evolving.

According to the release, the industries most frequently targeted in 2011 were retail, financial services and hospitality. The rise in hacktivist-based attacks (attacks in support of a social cause) was noted as a big factor in the past year’s attacks.

The most typical breach methods used were hacking and malware. The most common approach was exploiting default or easily guessed passwords, seen in 29 percent of the cases, followed by backdoor malware (26%), stolen credentials (24%), exploiting command and control channels (23%), keyloggers and spyware (18%) and SQL injection attacks (13%).

The release also noted that most organizations learn that they have been hacked from an external source, such as law enforcement, rather than discovering it themselves. In over half the cases, several months passed before the organization became aware of the breach.

More information about Verizon’s 2012 case review can be found here.