Financially motivated attackers continue to steal credentials and leverage them against web application infrastructure. Social engineering in the form of phishing and pretexting is a common tactic used to gain access. This industry also suffers from Denial of Service attacks regularly.
Frequency: 7,463 incidents, 326 with confirmed data disclosure
Top patterns: Web Applications, Everything Else, and Miscellaneous Errors represent 79% of breaches
Threat actors: External (75%), Internal (22%), Partner (3%), Multiple (1%) (breaches)
Actor motives: Financial (93%), Espionage (8%), Ideology (1%) (breaches)
Data compromised: Personal (75%), Credentials (45%), Other (32%), Internal (27%) (breaches)
Top controls: Secure Configuration (CSC 5, CSC 11), Implement a Security Awareness and Training Program (CSC 17), Boundary Defense (CSC 12)
This industry is made up of a wide range of companies primarily offering services directly to customers. They range from lawyers, accountants and architects to research labs and consulting firms. They share some common traits: their Internet presence is very important to the livelihood of the organization, and their employees are human and make mistakes.
We mentioned the importance of their Internet presence to the members of this industry. This is why the Web Application attack pattern was seen so frequently this year (Figure 85). These attacks are driven by the use of stolen credentials (frequently obtained in phishing attacks, but also possibly lying around on the web from another company's breach, just waiting for some enterprising hacker to find). These attacks drive the theft of personal data in the sector, and given that there are always people willing to try their luck at using stolen credentials against whatever web infrastructure they encounter, they are unlikely to end anytime in the near future.