This data breach report found that 73% of the breaches were caused by external sources. However, the impact caused by the insiders were much larger when they did occur. The report shows that 59% of the breaches involve hacking. Of those (hacking) the breakdown is this:
- Application/Service layer -39%
- OS/Platform layer - 23%
- Exploit known vulnerability -18%
- Exploit unknown vulnerability - 5%
- Use of back door -15%
"Attacks targeting applications, software, and services were by far the most common technique, representing 39 percent of all hacking activity leading to data compromise. This follows a trend in recent years of attacks moving up the stack. Far from passé, operating system, platform, and server-level attacks accounted for a sizable portion of breaches. Eighteen percent of hacks exploited a specific known vulnerability while 5 percent exploited unknown vulnerabilities for which a patch was not available at the time of the attack. Evidence of re-entry via backdoors, which enable prolonged access to and control of compromised systems, was found in 15 percent of hacking-related breaches. The attractiveness of this to criminals desiring large quantities of information is obvious."
So if we multiply 59% times 39% we get 23% of those data breaches are due to attackers hacking applications. It is clear that securing applications is a significant part of protecting against data breaches. And data breaches have been moving to upper stack of the the OSI model.