
Digging Deeper into Data Breaches: An Exploratory Data Analysis of Hacking Breaches Over Time

Hicham Hammouchi, Othmane Cherqi, Ghita Mezzour, Mounir Ghogho, Mohammed El Koutbi

Université Internationale de Rabat, Faculté d’Informatique et de Logistique, TICLab
Mohammed V University, ENSIAS

Introduction
• Increasingly frequent and high-impact data breaches are an ever-present danger facing organizations and individuals
• In 2018, data breaches compromised the personal information of millions of people around the world
• Juniper suggests that cybercrime will cost businesses more than 2 trillion dollars in 2019
• Prior work: policy oriented, regulation oriented, sector oriented

11/5/2020 DEEPER INTO HACKING BREACHES 2

About the Data
• Privacy Rights Clearinghouse (PRC) dataset
• Dataset collected from 2005 to 2018 (~9000 breaches, +12 B records)
• Breaches are characterized by a date of publication, name, type and location of organization, and total breached records
• Organizations are classified into 7 sectors: BSF, BSO, BSR, EDU, GOV, MED, and NGO

What methods are used in breaches?
Breach methods distribution and their evolution over time

Method   Share
HACK     28%
DISC     20%
PHYS     19%
PORT     13%
UNKN     9%
INSD     7%
STAT     3%
CARD     1%

The most devastating breaches are caused by hacking
• The most devastating breaches are caused by hacking attacks
• Estimated cost: $444 billion
• Average cost per breached record*: $148
From now on we will focus on breaches caused by hacking

Which sectors are most affected by hacking breaches?
• 2,575 hacking breaches between 2005 and 2018 with about 8 billion breached records (70% of the total breached records)
• MED and BSO are the most targeted sectors

Type of Organization                # Hacking Breaches   Proportion
BSF (Financial insurance)           214                  8%
BSO (Web platforms)                 619                  24%
BSR (Online retail)                 301                  12%
EDU (Educational Organizations)     295                  11%
GOV (Gov and military)              148                  6%
MED (Healthcare)                    952                  37%
NGO                                 38                   1%

Decreasing interarrival time => increasing frequency of breaches
Interarrival time: time between consecutive breaches

Average of 5 days between two breaches on medical institutions

Interarrival time (days)   Mean   STD   Q 25%   Median   Q 75%
Medical                    5      21    0       1        4
Finance & Insurance        22     29    4       12       30
Web Platforms              7      15    1       3        7
Online Retail              17     33    2       7        19
Educational                17     21    4       8        22
Gov and Military           33     47    5       14       39
NGOs                       123    173   11      54       138
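An added example (not from the slides or the authors' analysis) showing how the per-sector interarrival statistics tabulated above can be computed from dated breach records. The record layout, the sample data, and the choice of population standard deviation and inclusive quartiles are assumptions made for illustration.

```python
from collections import defaultdict
from datetime import date
from statistics import mean, pstdev, quantiles

# Constructed sample records (not PRC data): (publication date, sector, method).
SAMPLE = [
    (date(2017, 1, 2), "MED", "HACK"),
    (date(2017, 1, 2), "MED", "HACK"),   # same-day disclosure -> gap of 0 days
    (date(2017, 1, 3), "MED", "HACK"),
    (date(2017, 1, 7), "MED", "HACK"),
    (date(2017, 1, 28), "MED", "HACK"),
    (date(2017, 1, 10), "MED", "PHYS"),  # not a hacking breach, filtered out
    (date(2017, 3, 1), "BSF", "HACK"),
    (date(2017, 1, 5), "BSF", "HACK"),   # input does not need to be sorted
    (date(2017, 2, 4), "BSF", "HACK"),
    (date(2017, 6, 1), "NGO", "HACK"),   # single breach: no interarrival time
]


def interarrival_stats(records, method="HACK"):
    """Per-sector summary of days between consecutive breaches of one method."""
    by_sector = defaultdict(list)
    for day, sector, breach_method in records:
        if breach_method == method:
            by_sector[sector].append(day)

    stats = {}
    for sector, days in by_sector.items():
        days.sort()
        gaps = [(b - a).days for a, b in zip(days, days[1:])]
        if not gaps:
            continue  # fewer than two breaches: interarrival time is undefined
        if len(gaps) == 1:
            q25 = med = q75 = float(gaps[0])  # quantiles() needs two points
        else:
            q25, med, q75 = quantiles(gaps, n=4, method="inclusive")
        # Assumption: population std; the slides do not name the estimator used.
        stats[sector] = {"mean": mean(gaps), "std": pstdev(gaps),
                         "q25": q25, "median": med, "q75": q75}
    return stats


if __name__ == "__main__":
    for sector, row in sorted(interarrival_stats(SAMPLE).items()):
        print(sector, row)
```

As in the Medical row of the table, a few long gaps pull the mean and standard deviation well above the median, which is why the quartiles are reported alongside them.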

Intensification of breaches starting from 2011

Medical   Mean   STD   Q 25%   Median   Q 75%
          5      21    0       1        4

[Figure: Medical sector; years marked: 2011, 2014]

Intensification of breaches after 2014

Web Platforms   Mean   STD   Q 25%   Median   Q 75%
                7      15    1       3        7

[Figure: Web Platforms sector; years marked: 2012, 2014]

Big shifts in breaches on MED and Web platforms
Remarkable increase starting from 2013

Limitations
• Dataset restricted to incidents that occurred (were reported) in North America

Future work
• Extend this analysis to study the cause of hacking breaches by looking at the description associated with each breach
• Use Natural Language Processing to process breach descriptions

Conclusion
• Hacking breaches on the rise
• 29% of breaches caused by hacking activities
• Hacking causes the most devastating breaches in terms of volume and financial loss
• Medical organizations and online services are the most targeted
• Frequency of 5 and 7 days between two breaches

Acknowledgement
This work is partly funded by the NATO Science for Peace and Security (SPS) program under research contract Threat Predict: From Global Social and Technical Big Data to Cyber Threat Forecast

Thank you for your attention
Any questions?
