The age of big data leaks has come

"Big data = big leaks", in today's opinion, is not sensational. With the http://www.aliyun.com/zixun/aggregation/8213.html "> Large data Application becoming more and more common, the problem of data leakage has become more prominent." Symantec's latest Internet Security Threat Report (ISTR) (phase 19th) shows that in 2013 the number of data-disclosure incidents increased by 62% over the previous year and more than 552 million identities were leaked. Among them, large-scale data leakage events from 2012 to 1 increase to 8.

2013: The year of large-scale data leakage

Today, the scale and scope of data leaks are expanding rapidly, and these massive data leaks are a risk to corporate credibility, while also causing consumers to suffer from personal information leaks, whether credit card numbers, medical records, passwords and bank accounts, can become the target of cyber criminals. The number of data leaks in the top eight cases in 2013 resulted in the loss of millions of data records, compared with only one case in 2012 with similar serious consequences. Symantec China Security product director Bu Xian said a massive data leak could be the equivalent of 50 minor attacks.

As can be seen from the monthly timetable of the 2013 data disclosure incident in the 19th issue of ISTR report, since October 2013, the disclosure of personal identity information has risen sharply, and in October, November, December, the disclosure of personally identifiable information is more than 100 million.

From the monitored data, in 2013, the average data leakage exposure of the identity of 47 million, the main causes of data leakage include: Hacker attacks (34%), accidental leakage (29%), computer or hard disk theft or loss (27%) and so on. From the industry's perspective, 77% of data leaks were seen in retail, computer software and finance in 2013. The leaked information includes: name, date of birth, ID number (Social Security number), home address, medical record, telephone number, financial information, email address, username and password, insurance information, etc.

Attacking trends: economic interest-oriented

Today's attackers are not only scheming, but also becoming more patient and deliberately waiting for the best returns to be shot.

The 19th issue of the ISTR report shows that the number of attacks against sexual assault has soared in the past 3 years, with a 2011 attack of 165, 408 in 2012 and 779 in 2013. The number of targeted attacks in 2013 grew by 91% over last year, and the attacks lasted three times times as long as they were.

The top three of the top ten industries attacked by phishing sites in 2013 were public administration (government), traditional services, non-traditional services, and from the target audience, executives and PR practitioners were the two most vulnerable target groups, Cyber criminals will take them as a springboard to lock in and attack larger goals such as celebrities or corporate executives.

After 10 months of secrecy, cyber criminals launched the most destructive series of cyber attacks in history, showing a marked shift in cyber-crime: Cyber criminals have changed the way they used to make small profits, and in turn they need months of planning, But large cyber-crime operations that can reap significant economic benefits.

In addition to large data leaks and targeted attacks, the Symantec ISTR report reveals other threat trends: 2013 was the year with the largest number of vulnerabilities of 0, more than 2012 years and 2011 years; in 2013, extortion software attacks increased by 500%; Mobile malware is becoming more sophisticated Mobile applications have become a threat to the complex; in the development trend of Internet of things, the related threats have emerged.

Symantec Global vice president and Greater China President Lian Zhiho said Symantec's Internet Security Threat report provides the latest security threats to the global Internet over the past year, as well as the analysis and recommendations of Symantec's team of security experts. For data disclosure problems, you can avoid: data confidentiality, data protection, monitoring and prevention of host-based intrusion, attention to Web page and message security, encryption, enhanced authentication, etc. for sexual assault, you can prevent: based on the credibility and behavior of protection, monitoring and prevention of host-based intrusion, Manage removable media equipment, pay attention to the relationship between endpoint and network data, do well network threat and vulnerability monitoring.