The Verizon Risk Teams' 2010 Data Breach Investigations Report, compiled along with data from the United States Secret Service, looked at 141 confirmed breach cases worked by Verizon and the USSS in 2009. One area of the report examined what a particular threat agent did to cause or contribute to a breach. Under the threat hacking, the use of stolen credentials was number one in both the Verizon and USSS datasets.
Threat Action | % of Breaches | % of Records |
Malware | 38% | 94% |
Hacking | 40% | 96% |
Social | 28% | 3% |
Misuse | 48% | 3% |
Physical | 15% | 1% |
Error | 2% | 0% |
Environmental | 4% | 0% |
"The amount of breaches that exploit authentication in some manner is a problem. In our last report it was default credentials; this year it’s stolen and/or weak credentials. Perhaps this is because attackers know most users are over-privileged. Perhaps it’s because they know we don’t monitor user activity very well. Perhaps it’s just the easiest way in the door."