摘 要
数据作为数据驱动型经济的推动者,承担着核心角色,使其成为网络犯罪分子的主要目标。数据威胁是针对数据源的一系列威胁,其是一种未经授权的访问和泄露数据,以及操纵数据以干扰系统的行为。
数据泄露在GDPR中被定义为任何导致意外或非法破坏、丢失、更改或未经授权披露或访问传输、存储或以其他方式处理个人数据的安全漏洞。从技术上讲,针对数据的威胁主要分为data breach和data leak。前者是一个系统或组织的蓄意攻击,目的是窃取数据;后者是由于错误配置、漏洞或人为错误而导致敏感、机密或受保护数据意外泄露的事件,它不包括故意攻击。
本文将重点介绍有关数据威胁(data breach,data leak)的主要调查结果、事件和趋势。
主要调查结果
主要事件及趋势
其他趋势
参考文献
[1]https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:02016R0679-20160504&from=EN.
[2]https://www.domo.com/learn/infographic/data-never-sleeps-9.
[3]https://www.verizon.com/business/resources/reports/2022/dbir/2022-data-breach-investigations-report-dbir.pdf.
[4]https://www.ftc.gov/system/files/ftc_gov/pdf/CSN%20Annual%20Data%20Book%202021%20Final%20PDF.pdf.
[5]https://www.mcafee.com/blogs/tips-tricks/a-guide-to-identity-theft-statistics-for-2022/#:~:text=An%20estimated%2015%20million%20Americans,Fraud%20Study%3A%20The%20Virtual%20Battlegroun).
[6]https://www.enisa.europa.eu/publications/enisa-threat-landscape-2021.
[7]https://www.fiverity.com/resources/fiverity-introduces-2021-synthetic-identity-fraud-report2.
[8]https://www.europol.europa.eu/cms/sites/default/files/documents/internet_organised_crime_threat_assessment_iocta_2021.pdf.
[9]https://blog.cloudflare.com/ddos-attack-trends-for-2021-q4/.
[10]https://www.concordia-h2020.eu/wp-content/uploads/2020/06/D4.1_Ready_for_Submission_D4.1-final_revised.pdf.
[11]https://www.forbes.com/sites/thomasbrewster/2021/10/14/huge-bank-fraud-uses-deep-fake-voice-tech-to-steal-millions/.
[12]https://venturebeat.com/2021/05/29/adversarial-attacks-in-machine-learning-what-they-are-and-how-to-stop-them/.
[13]https://www.idtheftcenter.org/post/data-breach-increase-14-percent-q1-2022/.
[14]https://www.wsav.com/wp-content/uploads/sites/75/2022/01/20220124_ITRC-2021-Data-Breach-Report.pdf.
[15]Cost of a data breach report, IBM, https://www.ibm.com/security/data-breach.
[16] 2022 Thales Data Threat Report.
[17]https://mb.cision.com/Public/20506/3530950/b55a39d9e52a4074.pdf.
[18]Tenable’s 2021 Threat Landscape Retrospective.
原文始发于微信公众号(中国保密协会科学技术分会):ENISA有关数据威胁的调查
- 左青龙
- 微信扫一扫
- 右白虎
- 微信扫一扫
评论