Page 6 - BLI Annual Report 2016
P. 6

BREACH LEVEL INDEX
LEADING SOURCES OF DATA BREACHES
Malicious Outsiders Strike Again—
and Again
In order to be better equipped to protect corporate data against attacks, organizations need to have a clear sense of where the attacks are coming from, who’s behind them and what tactics they are using to carry out the breaches.
By far, the leading source of
data breaches in 2016 was malicious outsiders. This group was responsible for 1,223 data breaches during the year, which accounted for more than two thirds of all the attacks launched (68.2%). That compares with 1,082 breaches in 2015 (58% of the total), and represents an increase of 13%.
Breaches from these malicious outsiders involved some 1.05 billion records (76.2% of the total records in all breaches in 2016), up an astounding 286.1% from 272 million the year before. What could account for such a huge increase?
The next biggest source of data breaches in 2016 was accidental loss, although the number of these incidents dropped from the year before. Some 333 data breaches
(18.6%) were caused by accidents, compared with 437 (23.4%) in 2015. That’s down 23.8% year
to year. However, the number of records involved in such breaches increased 9.4%, from 2.65 million in 2015 to 2.90 million.
Also getting a lot of attention in recent months are state-sponsored security attacks, so it’s somewhat surprising that the number of
these types of breaches was down in 2016. State-sponsored hackers launched 22 data breaches (1.2%)
NUMBER OF BREACH INCIDENTS BY SOURCE IN 2016
STATE SPONSORED
MALICIOUS OUTSIDER
22 INCIDENTS (1%)
1,223 INCIDENTS (68%)
HACKTIVIST
47 INCIDENTS (3%)
MALICIOUS INSIDER
164 INCIDENTS (9%)
ACCIDENTAL LOSS
1,792 TOTAL BREACHES
3 UNKNOWN INCIDENTS
Source: BREACHLEVELINDEX.COM January 2016 to December 2016
333 INCIDENTS (19%)
6
For all the attention given to the threat of attacks from inside organizations, malicious insiders were responsible for only 164 of the data breaches in 2016 (9.2% of the total). That’s down 39.5% from 271 data breaches the year before, when insider breaches accounted for 14.5% of the total. Breaches involving malicious insiders exposed 13.9 million records in 2016, or roughly 1% of the total. By comparison, these types of breaches involved 64.7 million records in 2015, or 8.7% of the total.
in 2016, compared with 36 breaches in 2015, for a decrease of 38.9%. Also down was the number of records affected by these attacks, from 108 million in 2015 to
10 million in 2016.
State-sponsored attackers were actually exceeded in the number of breaches by hacktivists, who were responsible for 47 breaches in 2016, accounting for 2.6% of the total and up 30.6% from 36 breaches in 2015. Hacktivist attacks exposed only
12.4 million records in 2016, less than 1% of the total.


































































































   4   5   6   7   8