When asked by a ComNews journalist why hackers have an increased
Posted: Wed Jan 22, 2025 4:05 am
These data are provided by the expert and analytical center of the InfoWatch Group of Companies in an analytical report for 2022-2023. According to the report, more than 80% of information leaks in Russia occurred as a result of cyber attacks, where every tenth leak is directly related to the actions of the organization's personnel.
In 2023, there was an increase in the amount of leaked personal data (PD) - 1.12 billion records, which is almost 60% higher than the level of 2022 (then 702 million records were compromised). "The true scale of the damage may be significantly underestimated, since in more than 35% of last year's PD leaks, the amount of stolen data remained unknown," a representative of the InfoWatch press service said.
Andrey Arsenyev, Head of Analytics and Special Projects at the InfoWatch Expert and Analytical Center, says that in 2023, compared to 2022, the number of incidents decreased by 15% and amounted to 656 episodes, while the volume of personal data theft per incident almost doubled - from 0.9 million to 1.7 million records. "InfoWatch specialists predicted this trend more than five years ago in connection with the emergence of large personal data storage facilities related to social services, telecom operators, marketplaces, etc., against the backdrop of accelerated digitalization of the economy," he noted.
The study showed that over 11 years, from 2013 to 2023 inclusive, InfoWatch registered 3.96 thousand leaks that occurred in Russian organizations. As a result of these incidents, a total of 2.78 billion records of personal data (PDn) were leaked. This is the volume of personal information of citizens, which is almost 20 times greater than the population of the Russian Federation.
interest in personal data, bangladesh whatsapp number database Andrey Arsenyev, head of analytics and special projects at InfoWatch, answered: "Personal data is a key digitalization artifact, a universal type of confidential information. All organizations process it to varying degrees. At the same time, personal data is of interest to a wide range of attackers: this data is easy to monetize on the black market, and it serves as "fuel" for fraudsters in phishing attacks. All social engineering is based on personal data, the possession of which allows attackers to successfully disguise themselves as bank or law enforcement employees."
Until 2020, employees and other internal violators dominated the overall distribution of leaks in Russia, while the share of hackers and other external violators in total did not exceed 14% for many years (excluding unknown ones). However, during the pandemic, there was a steady increase in the number of leaks committed by external violators. In 2020, the share of external violators to internal ones was 18%/82%, and in 2021 - 27%/73%.
Deputy CEO of the Garda Group of Companies Rustem Khairutdinov told a ComNews journalist that the transition to remote work during the COVID-19 pandemic required the restructuring of the information technology infrastructure of many domestic enterprises and contributed to the growth of the use of group work systems. "These processes took place in conditions of a shortage of funds for organizing work, and the priority for companies was maintaining employee efficiency, not information security," Rustem Khairutdinov said.
Vladimir Ulyanov, head of the analytical center at Zecurion, a company that develops products to protect confidential information from leaks and other internal threats, believes that the COVID-19 pandemic has exacerbated threats associated with internal violators. "Remote work, coupled with employee anxiety and uncertainty about the future, has led to a multiple increase in the number of data leaks initiated by in-house personnel," he shared.
In 2023, there was an increase in the amount of leaked personal data (PD) - 1.12 billion records, which is almost 60% higher than the level of 2022 (then 702 million records were compromised). "The true scale of the damage may be significantly underestimated, since in more than 35% of last year's PD leaks, the amount of stolen data remained unknown," a representative of the InfoWatch press service said.
Andrey Arsenyev, Head of Analytics and Special Projects at the InfoWatch Expert and Analytical Center, says that in 2023, compared to 2022, the number of incidents decreased by 15% and amounted to 656 episodes, while the volume of personal data theft per incident almost doubled - from 0.9 million to 1.7 million records. "InfoWatch specialists predicted this trend more than five years ago in connection with the emergence of large personal data storage facilities related to social services, telecom operators, marketplaces, etc., against the backdrop of accelerated digitalization of the economy," he noted.
The study showed that over 11 years, from 2013 to 2023 inclusive, InfoWatch registered 3.96 thousand leaks that occurred in Russian organizations. As a result of these incidents, a total of 2.78 billion records of personal data (PDn) were leaked. This is the volume of personal information of citizens, which is almost 20 times greater than the population of the Russian Federation.
interest in personal data, bangladesh whatsapp number database Andrey Arsenyev, head of analytics and special projects at InfoWatch, answered: "Personal data is a key digitalization artifact, a universal type of confidential information. All organizations process it to varying degrees. At the same time, personal data is of interest to a wide range of attackers: this data is easy to monetize on the black market, and it serves as "fuel" for fraudsters in phishing attacks. All social engineering is based on personal data, the possession of which allows attackers to successfully disguise themselves as bank or law enforcement employees."
Until 2020, employees and other internal violators dominated the overall distribution of leaks in Russia, while the share of hackers and other external violators in total did not exceed 14% for many years (excluding unknown ones). However, during the pandemic, there was a steady increase in the number of leaks committed by external violators. In 2020, the share of external violators to internal ones was 18%/82%, and in 2021 - 27%/73%.
Deputy CEO of the Garda Group of Companies Rustem Khairutdinov told a ComNews journalist that the transition to remote work during the COVID-19 pandemic required the restructuring of the information technology infrastructure of many domestic enterprises and contributed to the growth of the use of group work systems. "These processes took place in conditions of a shortage of funds for organizing work, and the priority for companies was maintaining employee efficiency, not information security," Rustem Khairutdinov said.
Vladimir Ulyanov, head of the analytical center at Zecurion, a company that develops products to protect confidential information from leaks and other internal threats, believes that the COVID-19 pandemic has exacerbated threats associated with internal violators. "Remote work, coupled with employee anxiety and uncertainty about the future, has led to a multiple increase in the number of data leaks initiated by in-house personnel," he shared.