Data Breach Investigation Report for 2013
Dedicated server security software is essential and data breaches on servers are not slowing down. Therefore, server owners and administrators need to remain vigilant and up to date on current evolving attacks. Most attacks are still occurring from “outsiders” rather than within a data center or workplace. Most originate from China and eastern Europe. According to the Verizon Breach Investigation Report* of 2013, 52% of breaches were from some form of hacking and alarmingly 76% were from network intrusions caused by exploited weak or stolen credentials. 40% of breaches involve malware.
Reasons for breaches and malicious attacks vary widely from financial, opportunistic, disgruntled employees and “because I can” incidents. The Verizon Breach Investigation Report states that 78% of attacks were rated as low difficulty. However, 66% took several months or more to carry out. In most cases, the victim and server administrator rarely discover the breach. An attack can actually originate from a dedicated server resulting in the administrator being notified of the attack by an ISP and being provided little help in finding and eliminating the attack. In such cases, it is essential that a dedicated server provider offers technical assistance in resolving such security issues. Providing any additional dedicated server security software to prevent such incidents from occurring again will help.
There are always ways to prevent successful attacks as much as possible and to be notified of such incidents quickly. It is a challenge to choose the right tools and implement them correctly. Trying to simply unsystematically stop random breaches and attacks on dedicated servers from happening are not effective.
It is always good practice to detect failed attempts rather than simply prevention. This is so you know what attacks are occurring in your particular environment. Then, focus more in that category of attacks.
For example, if you are not processing credit cards, then credit card fraud prevention is not going to be on top of your list of security resulting in time and costs saved for other security measures. Average “all-in-one” security software is not a viable solution.
Doing so will result in the entire server being evenly protected, however resulting in a possible attack in one specific category faced with just average (or even inadequate) protection instead of again, being fine-tuned towards a more common attack that is typical in that server’s field or the environment. As stated previously, certain servers will require more fine tuning towards certain threats. Focusing on that will ensure better security with a more experienced solution.
There is no such thing as a dedicated server security software package for every server. Each server has its own specific security needs.
It’s fairly safe to assume that espionage and stealing top secret technology is not going to be on the list of a dedicated server administrators list of security threats. This will be more towards hacking, malware, spamming, DDoS etc. It is generally quite safe to assume espionage is not a big factor in web hosting security.
Most attacks did occur in western countries were attacked, however, Brazil, India, and South Africa were also hit quite frequently. Organized crime still tops who conducts the largest number of cyber attacks according to the Verizon Business Report. Mostly file and mail servers are attacked but Point of Sale server controllers were attacked by far the most, especially with smaller businesses utilizing this technology.
*Verizon Breach Investigation Report: http://www.verizonenterprise.com/DBIR/2013/