As if Anonymous didn't have enough to boast about. While cybercriminals accounted for the most breaches, "activist groups created their fair share of misery and mayhem last year as well -- and they stole more data than any other group", according to a report Verizon released today in cooperation with Australian, Dutch, English, Irish and US officials. The study attributes 58 percent of data thefts to hacktivists.
"The most significant change we saw in 2011 was the rise of 'hacktivism' against larger organizations worldwide", Verizon reports. "The frequency and regularity of cases tied to activist groups that came through our doors in 2011 exceeded the number worked in all previous years combined".
No shock, Anonymous brags a little, tweeting today: "Verizon Study Confirms 2011 Was The Year Of #Anonymous, With 100 Million Users' Data Breached By Hacktivists" -- and linking to a Forbes story.
Breaches by the Numbers
In total, cybercriminals and hackers compromised 174 million records, the second-highest level in 7 years, across 855 incidents. Breaches occurred in organizations spanning 36 countries. "While good old-fashioned greed and avarice were still the prime movers, ideological dissent and schadenfreude took a more prominent role across the caseload", according to the report.
"Hacking and malware have traditionally led the pack, but this year they’ve pulled away from the group even further while waving 'Hi Mom!' to the camera". Eighty-one percent of breaches came from hacking, up 31 percent year over year, and 69 percent from malware, which rose 20 percent. "An impressive 61 percent of all breaches featured a combination of hacking techniques and malware", Verizon reports.
"Findings from the past year continue to show that target selection is based more on opportunity than on choice. Most victims fell prey because they were found to possess an (often easily) exploitable weakness rather than because they were pre-identified for attack". Targets of opportunity: 79 percent. Easily done: 96 percent. "Most breaches were avoidable", Verizon concludes.
Ease and targets of opportunity cannot be overstated: "Perpetrators rarely know who they are hacking. In most cases it seems that they learn the identity of their victim after they have gained unauthorized access".
Differing Motivations
The report identifies a gaping disparity between hacktivists and cybercriminals. The former accounted for 3 percent of breaches, but stole the majority of data -- "over 100 million records. That’s almost twice the amount pinched by all those financially-motivated professionals...although ideological attacks were less frequent, they sure took a heavy toll".
Perhaps cybercriminals are lazy, by comparison?
Looking through the case data, it is apparent that money-driven crooks continue to focus more on opportunistic attacks against weaker targets. This may be at least partly because a good number of their brethren are enjoying jail time. Instead of major (and risky) heists, they pilfer smaller hauls of data from a multitude of smaller organizations that present a lower risk to the attacker. Think of it as a way to streamline business processes. Find an easy way to prey on the unsuspecting, the weak, and the lame, and then simply repeat on a large scale. This high-volume, low-yield business model has become the standard M.O. for organized criminal groups...
Nearly all data stolen by activist groups were taken from larger organizations. Furthermore, the proportion of breaches tied to hacktivism-related motives rises to 25 percent. This stands to reason, since a low-profile brand is less likely to draw the ire of these groups.
Hacktivists take more risks, and that includes targeting law enforcement agencies pursuing them.
Cybercriminals' predictability is strange comfort to IT security professionals. Verizon's claims that hacktivists "haunt organizations around the world" and their "proclivity to embarrass victims" make "this trend more frightening than other threats, whether real or imagined. Doubly concerning for many organizations and executives was that target selection by these groups didn’t follow the logical lines of who has money and/or valuable information. Enemies are even scarier when you can’t predict their behavior".
Victims certainly ranged a swath of organizations. Among the hackvistisms we reported last year:
There's a whole lot more to Verizon's 77-page report than hacktivism. It's worth reading.
Photo Credit: Rob Kints/Shutterstock