Hacktivists responsible for 58 percent of data theft in 2011
Hacktivists now dominate the world of data theft.
That’s according to the latest annual report by the Verizon Risk team, which coordinates data from government online security agencies to paint a comprehensive picture of who’s hacking and where.
The most striking finding is the sudden rise of hacktivists—skilled hackers whose motives are political, rather than for material gain. Culling data from the Australian Federal Police, Dutch National High Tech Crime Unit, Irish Reporting & Information Security Service, U.K.’s Police Central e-Crime Unit, and the U.S. Secret Service, the Risk team found more attacks from activists in 2011 than in the past seven years combined.
The report drew a clear line between hacktivists and organized criminals who steal information for profit. The latter were responsible for most other hacking and scored the majority of data breaches, with 83 percent. Because criminals usually look to steal information that they can turn into cash, they often attack smaller targets. As a result, they only nabbed about a third (35 percent) of total information stolen in 2011.
Hacktivists, on the other hand, have inversely proportionate figures. Groups such Anonymous were responsible for only 2 percent of the Internet’s security breaches, but nevertheless stole a staggering 58 percent of the world’s data— a total of over 100 million records.
One commonality between the two kinds of hackers is their method of attack: they’re hacking from home into companies they have no direct connection with. Only 4 percent of the world’s hacks implicated internal employees in any way.
Hackers of all stripes are increasingly coming from all over the world, too. A year ago, Verizon reported a then-record 22 countries that originated attacks. This year, that number jumped to 36 countries, including Brazil, Bulgaria, India, Kuwait, South Africa, and Turkey.
Organized data thieves clearly follow a pattern of looking for easy security breaches. Nearly 80 percent of victims were found to be targets of opportunity, meaning “they were found to possess an exploitable weakness rather than because they were pre-identified for an attack,” the report said. Moreover, 96 percent of attacks were classified as “not very difficult,” meaning they would have been avoided with simple countermeasures. The report continued:
“[M]oney-driven crooks continue to focus more on opportunistic attacks against weaker targets. This may be at least partly because a good number of their brethren are enjoying jail time. Instead of major (and risky) heists, they pilfer smaller hauls of data from a multitude of smaller organizations that present a lower risk to the attacker.”
One fascinating anecdote revealed the workweek of a particular small group of organized criminal hackers in Eastern Europe:
“Analysis of the data showed the attackers not only had no routine work week, but they only worked an average of three days a week . During one particular three-day work week, they punched the clock on Saturday, Sunday, and Monday. They compromised 22 organizations across nine countries; Monday was the most productive, with 15 confirmed breaches registered that day. We would joke about ‘nice work if you can get it’ but the jail time these guys are facing doesn’t make for very nice work at all.”
Photo by devdsp