Symantec Global internet Security threat report
numbers. An investigation began when the company began receiving reports of fraudulent activity on credit cards that the company itself had processed. the attackers were eventually tracked down and charged by federal authorities.
notably, one of the hackers was Albert “Segvec” Gonzalez, who had been previously convicted of other attacks. He plead guilty to 19 counts of conspiracy, wire fraud and aggravated identity theft charges in March 2010 and was sentenced to serve up to 25 years in prison. He had also worked as an FBi informant at one point, providing information about the underground economy.70 these attacks and the events surrounding them were discussed previously in the Symantec Report on the Underground Economy.71
this attack is evidence of the significant role that malicious code can play in data breaches. Although data breaches occur due to a number of causes, the covert nature of malicious code is an efficient and enticing means for attackers to remotely acquire sensitive information. Furthermore, the frequency of malicious code threats that expose confidential information, which is discussed in the “Threats to confidential information” metric, underscores the significance of identity theft to attackers who author and deploy malicious code.
Data breaches that could lead to identity theft, by cause
the primary cause of data breaches, across all sectors, that could facilitate identity theft in 2009 was the theft or loss of a computer or other medium on which data is stored or transmitted, such as a USB key or a back-up medium.72 theft or loss made up 37 percent of all data breaches in 2009, a decrease from the previous reporting period when it accounted for 48 percent of all reported breaches (figure 5).
Fraud <1% Insider <1%
Insecure policy 35%
Insecure policy 26%
Figure 5. Data breaches that could lead to identity theft by cause and identities exposed73 Source: Based on data provided by OSF DataLoss DB
70 71 72 73
See http://www.wired.com/threatlevel/2009/12/gonzalez-heartland-plea/ and http://yro.slashdot.org/article.pl?sid=10/03/26/124256 http://eval.symantec.com/mktginfo/enterprise/white_papers/b-whitepaper_underground_economy_report_11-2008-14525717.en-us.pdf this cause will be referred to as “theft or loss” for the remainder of the report. Due to rounding, percentages might not equal 100 percent.