Quick Hits

ITRC Report: Malicious Attacks Increased In First Half Of 2009

Insider attacks, external breaches make up a higher percentage of compromises
Malicious attacks comprised more than one-third of the security breaches reported in the first half of this year, according to a new study by the Identity Theft Resource Center (ITRC).

While the majority of security breaches are still caused by accidents or oversight, the percentage of compromises caused by purposeful, malicious behavior is rapidly increasing, according to ITRC's first-half study of 250 data breaches.

Insider theft accounted for 18.4 percent of all breaches in the first half, the ITRC says, up from 15 percent in 2008 and 6 percent in 2007. External hacks comprised 18 percent of the breaches, up from 11.7 percent in 2008 and 14.1 percent in 2007.

Most breaches occur where companies don't have any data protection, the study says. "As of June 15, only 0.4 percent of all breaches had encryption or other strong protection methods in use," the ITRC says. "Another 7.2 percent of reported breaches had data password protection. That leaves 92.4 percent of sensitive data that had no protection at all. Many of these breaches are repeated events affecting the same company or agency."

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.

Editors' Choice
Jeffrey Schwartz, Contributing Writer, Dark Reading
Jai Vijayan, Contributing Writer, Dark Reading