Working with the U.S. Secret Service and the Dutch National High Tech Crime Unit, Verizon was able to analyze 760 data breaches that occurred in 2010. Verizon is publishing its Data Breach Investigations Report detailing these findings on Tuesday.
The trend in 2010 was away from the massive data breaches that led to 144 million compromised records in 2009. Instead hackers are hitting a larger number of smaller businesses. The attacks are less sophisticated, but they are also more likely to stay under the radar of law enforcement. Although the total number of incidents counted in the report went up, just four million records were compromised in 2010, according to Verizon's data.
Instead of hitting big companies like TJ Maxx, hackers are more likely to go after smaller companies with less than 100 employees. These are often hotels, restaurants or mom and pop shops with a cash register or computer connected to the Internet. Their security isn't as good, and police are less likely to respond when they get hacked.
Most attackers are not super-sophisticated state-sponsored cyber-criminals. In fact, a lot of the really good criminals are already behind bars, so today's hackers tend to be less sophisticated, Sartin said. In fact, only 3 percent of all incidents were so sophisticated they were considered nearly impossible to stop.
Although many companies worry about insider attacks, 92 percent of the attacks came from outside the institution. Malicious software such as keyloggers and back door programs was involved about half the time.
Sign up for CIO Asia eNewsletters.