Malware-based data breaches twofold since 2008

Ponemon Institute the research company conducted a survey -"2009 Annual Study: U.S Cost of a Data Breach" and found that data breaches in U.S organizations resulting from botnets and malware attacks increased from 12% to 24% during 2008-09. The report has been prepared for the fifth year in a row.

Ponemon surveyed 45 organizations, a lot of which suffered several data breaches. The Institute then estimated that on average the annual cost from data breaches increased from $6.65m to $6.75m during 2008-09.

States the study that never before did organizations participate in a survey related to breaches caused with data-stealing malware.

Remarking about this interesting discovery, Founder and Chairman Larry Ponemon of the Ponemon Institute stated that an astonishing discovery was that a substantial increase occurred in criminal or malicious attacks. The attacks frequently used botnets or data-stealing malware, he noted. CNet News published this during the end-week of January 2010.

Mr. Ponemon further said that the Institute never experienced data breaches of the above kind over the past five years. Therefore, there might be ongoing changes in the data breach forms. Additionally, the attacks meant that the participating companies incurred a lot more expenses, the Chairman added.

Furthermore, the survey discovered that on average the data breach cost for an organization rose 2% to $6.75m during 2009. Conversely, the mean expense for each hijacked data per breach increased only $2 to $204. Moreover, the most costly data breach was $31m, while the breach with the least cost valued $750,000.

Together with these findings, one important fact, which was highlighted in the survey, was that data breaches occurred mainly because of mistakes by intermediate company associates (consultants and contractors) or vendors. Evidently, those mistakes related to breaches in the case of 42% of respondents.

Also according to the research, healthcare, communications and financial services firms suffer the greatest amount of consumer related loss due to security breaches. Ponemon stated that the firms depended on trust for continuing their businesses and when an incident of data breach occurred, it led to that trust's depletion.

Thus, security had to be strengthened for thwarting such incidences.

Related article: Malware Authors Turn More Insidious

» SPAMfighter News - 2/13/2010