Total attacks have exposed more than 10 million personal records as of July 2014 and strongly indicate the need for organizations to adopt a more strategic approach to safeguarding digital information.
These incident attacks in the second quarter affecting consumer's personal information included theft of data such as customer names, passwords, email addresses, home addresses, phone numbers, and dates of birth. These types of personal privacy breaches have affected organization's sales and earnings while leaving customers unable to access accounts and dealing with service disruption. As a result many countries have begun developing stricter privacy and data collection policies to begin dealing with this problem.
As of July 15, 2014, more than 400 data breach incidents have been reported, creating the need for organizations to identify and understand their core data in order to protect and build an effective defense strategy to keep them secure. A change in mindset, organizations initially need to determine which information they regard as "core data" before devising a plan on how to protect it.
"Organizations must treat information security as a primary component of a long-term business strategy rather than handling security issues as tertiary, minor setbacks," said Raimund Genes, CTO, Trend Micro."Similar to having a business strategy to improve efficiency, a well-thought-out security strategy should also improve current protection practices that achieve long-term benefits. The incidents observed during this quarter further establish the need for a more comprehensive approach to security."
Highlights of the report include:
Critical vulnerabilities created havoc among information security professionals and the public: High-risk vulnerabilities affected various components of Internet browsing and Web services, including server-side libraries, OSs, mobile apps and browsers.
Escalation in the severity & volume of attacks: The severity of attacks against organizations highlighted the importance of incident response planning and organization-wide security awareness.
Cybercriminals counter online banking and mobile platform developments: Deployment of mobile ransomware and two-factor authentication-breaking malware has emerged in response to technological developments in the online banking and mobile platforms.
Digital Life and Internet of Everything (IOE) improved way of life with emerging vulnerabilities: The 2014 FIFA World Cup held in Brazil was one of the most popular sporting events in recent history. As such, users faced various threats related to the event—one of the most widely used social engineering hooks this quarter.
Global law enforcement partnerships lead to arrests: By sharing research findings with law enforcement agencies, financial loss prevention from cybercrime has proven effective.
"The reported attacks in the second quarter reveal that the wide spectrum of cyber threats can have a disastrous impact globally," said JD Sherry, vice president of technology and solutions, Trend Micro. "Implementing a strategic incident response plan by forging collaborations, both internally and externally, will provide agencies and industries the resources to respond and protect against current threats to information security."