2011 suffered the highest incidence of data loss online since firms started keeping track in 2004, according to Verizon's 2011 security report. This was due mostly to weak passwords and more opportunist hackers such as Anonymous and LulzSec, despite increasingly sophisticated security systems being put in place by companies.
The report was compiled with the help of government agencies from around the world such as the Police Central eCrime unit in the UK, and found that there were 855 recorded incidents last year and 174 million compromised records.
It was found that 79% of all breaches were targets of opportunity and 96% of all attacks were "not highly difficult". 81% were carried out by hackers who were either commercially or politically motivated, whilst 69% of all attacks involved the use of malware.
55% of breaches were carried out using "default or guessable credentials", whilst stolen passwords accounted for 40% of attacks; clearly this is something that needs to be addressed by enterprise security departments.
The majority of the attacks were carried out on servers or externally connected devices, which means that companies should look carefully at their BYOD policies, especially since this morning's news also featured a new data-stealing trojan appearing on the Android platform.
The trojan is believed to have been downloaded 70,000 times and is thought to have been removed from Google Play.
The report flags up the need for enterprises to concentrate less on employing sophisticated security software and more on the basics such as configuration and passwords.