Data breaches are taking longer to identify, says report

It is taking organisations longer to identify breaches of their IT systems, according to research by telecommunications company Verizon.

27 Apr 2016

In its annual data breach investigations report, Verizon found that the difference between the time it takes for data to be compromised and for that breach to be discovered is increasing. 

The time taken to compromise data is growing shorter, Verizon said. In part, this is due to the rise in successful 'phishing' attacks, where criminals trick users into downloading malicious software by opening an attachment. One in 10 phishing attempts is now successful, Verizon said, with around 30% of users opening messages and 12% clicking on attachments. This is an increase from 23% and 11% the year before.

Once an attachment is opened, malware is "dropped" within seconds, Verizon said. Likewise, the physical compromise of ATMs and petrol pumps happens almost instantly.

"In the majority of confirmed data breaches, the modus operandi of nation-states as well as financially motivated attackers is to establish control via malware and, when successful, it is lightning fast," the report said.

Detection of the breaches, however, is slow, with most notification coming from external sources such as law enforcement and other third parties, Verizon said.

Breach response specialist Philip Kemp of Pinsent Masons, the law firm behind said this comes as no surprise.

"Detection methods just aren’t keeping up. It's taking longer to discover breaches as the sophistication of attacks, and the skillsets of the attackers behind them, continue to grow. It's an escalating arms race," he said.

"In some cases organisations have no idea they have been breached until they are told by law enforcement, which can be months or years after the initial breach. When this is combined with rising numbers of successful attacks based on human misjudgement, for example the increase in successful phishing attacks, it is clear that organisations need to pay close attention to both internal and external threats," Kemp said.

Verizon studied 64,199 incidents and 2,260 confirmed breaches in 82 countries, it said.