Report says criminals are better communicators than IT staffers

The potential of connected devices to create damage, injury and mayhem is an ongoing security concern. But so far, the Internet of Things is not being linked, in a significant way, to security problems, says a new study.

Verizon, in its just-released annual report of report of cyber incidents, identifies phishing as the major problem. Of the over 65,200 incidents it gathered data about, about 2,250 resulted in a breach, or confirmed disclosure of data to a third party. (In Verizon's parlance, a security 'incident' falls short of a breach.)

A major problem remains phishing, where typically an email with a malicious attachment or link is used to entrap a victim. There were about 9,500 reported incidents, with just over 900 reports of confirmed data disclosure. The main perpetrators of these attacks are organized crime syndicates (89%) and state-affiliated actors (9%), it said.

Humans remain the weakest security link. In looking at phishing activity, the report wryly points out that "the communication between the criminal and the victim is much more effective than the communication between employees and security staff."

It recommended improving email filtering and awareness training, and developing a means to protect the rest of the network from employee mistakes.

The IoT has been identified as a potential security threat on a number of levels. Internet-connected devices can act as spyware, collecting voice, video or just usage data for unauthorized uses. And then there are James Bond-type breaches, where nefarious parties control machines, industrial settings, motor vehicles, drones and any connected devices.

But in terms of the IoT-connected problem, the Verizon report didn't turn up issues. "We still do not have significant real-world data on these technologies as the vector of attack to organizations," it said of the IoT.

IDG Insider


« Up to 30% off Amazon Kindle and Fire Tablets - Deal Alert


Is Facebook playing catch-up with possible camera app? »
IDG News Service

The IDG News Service is the world's leading daily source of global IT news, commentary and editorial resources. The News Service distributes content to IDG's more than 300 IT publications in more than 60 countries.

  • Mail


Do you think your smartphone is making you a workaholic?