« Who Wants $500?
Weekly Intelligence Summary: 2010-08-13 »

DBIR cover challenge clues

Alex Hutton
August 11th, 2010

——————

UPDATE:

OK, seriously.  Whomever is dropping these hints off to Ryan Naraine http://www.zdnet.com/blog/security/verizon-dbir-challenge-clue-2/7148 at ZDNet:  You’re giving away too much.

——————

There’s been quite a bit of activity about the DBIR Cover Challenge on Twitter today (#DBIR).

Somehow, somebody is giving Ryan Naraine clues that he is posting over on ZDNet and Threatpost. Until we can stop these clues from leaking out, you’ll probably want to continue to monitor what Ryan is posting there and the activity and progress of DBIR cover crackers on twitter.

Tags: ,

This entry was posted on Wednesday, August 11th, 2010 at 8:42 pm and is filed under 2010 Data Breach Investigations Report, Analysis. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Comments

  1. Can someone help me understand the statistics on page 2/3, 3/4 in the report? Why do they not equal 100%

    Posted by: Mitch on August 13th, 2010 at 3:30 pm

  2. Many breaches involve multiple agents, actions, etc and thus stats often show >100%. For instance, in the first table in the exec summary, it shows that 27% of breaches involved more than one agent (ie, both ‘external’ and ‘internal’ categories would be checked). It’s not mutually exclusive of the three primary agent categories (external, internal, partner). See Figure 7 on page 14 for the exclusive (non-overlapping) view that sums to 100%.

    Posted by: Wade Baker on August 13th, 2010 at 6:11 pm

  3. Thanks…but what about the “How do breaches occur” section?

    Posted by: Mitch on August 13th, 2010 at 7:39 pm

  4. I’m argentinian living in argentina. Can I submit the solution?

    Posted by: jose on August 16th, 2010 at 5:54 pm

  5. @Jose – Sure.

    Posted by: Wade Baker on August 16th, 2010 at 5:58 pm

  6. Same kind of thing. A single incident may involving a hacking event, a malware event, a social event, etc. All of these actions would be considered part of that one incident and result in >100% across all categories for all incidents.

    Posted by: Wade Baker on August 16th, 2010 at 6:00 pm

  7. Check the last page, plain text sees all ;)

    Posted by: Daniel Wood on August 20th, 2010 at 2:46 pm

  8. How to NOT solve the DBIR 2010 cover challenge…

    In a previous blog post, I had written about a couple of ideas for the DBIR cover challenge. Jan (a colleague from the DCSEC group of University of Hanover) and me finally solved the challenge today and I found out I HAD THE CORRECT SOLUTION FOR OVER A…

    Posted by: Christopher Kunz on August 26th, 2010 at 10:09 pm

Leave a Comment

All submissions, like other use of this site, are subject to the Terms of Use. By using the site, I agree to those terms.