2011 Was the Year of the 'Hacktivist'
Attacks are increasingly motivated by political and social intent
The "Verizon 2012 Data Breach Investigations Report" reveals the dramatic rise of "hacktivism" -- cyberhacking to advance political and social objectives.
In 2011, 58 percent of data stolen was attributed to hacktivism, according to the annual report released today from Verizon. The new trend contrasts sharply with the data-breach pattern of past several years, during which the majority of attacks were carried out by cybercriminals, whose primary motivation was financial gain.
Seventy-nine percent of attacks represented in the report were opportunistic. Of all attacks, 96 percent were not highly difficult, meaning they did not require advanced skills or extensive resources. Additionally, 97 percent of the attacks were avoidable, without the need for organizations to resort to difficult or expensive countermeasures. The report also contains recommendations that large and small organizations can implement to protect themselves.
Now in its fifth year of publication, the report spans 855 data breaches across 174 million stolen records – the second-highest data loss that the Verizon RISK (Research Investigations Solutions Knowledge) team has seen since it began collecting data in 2004. Verizon was joined by five partners that contributed data to this year's report: the United States Secret Service, the Dutch National High Tech Crime Unit, the Australian Federal Police, the Irish Reporting & Information Security Service and the Police Central e-Crime Unit of the London Metropolitan Police.
"With the participation of our law enforcement partners around the globe, the '2012 Data Breach Investigations Report' offers what we believe is the most comprehensive look ever into the state of cybersecurity," said Wade Baker, Verizon's director of risk intelligence. "Our goal is to increase the awareness of global cybercrime in an effort to improve the security industry's ability to fight it while helping government agencies and private sector organizations develop their own tailored security plans."
The report findings reinforced the international nature of cybercrime. Breaches originated from 36 countries around the globe, an increase from 22 countries the year prior. Nearly 70 percent of breaches originated in Eastern Europe, with less than 25 percent originating in North America.
External attacks remain largely responsible for data breaches, with 98 percent of them attributable to outsiders. This group includes organized crime, activist groups, former employees, lone hackers and even organizations sponsored by foreign governments. With a rise in external attacks, the proportion of insider incidents declined again in this year's report, to 4 percent. Business partners were responsible for less than 1 percent of data breaches.
In terms of attack methods, hacking and malware have continued to increase. In fact, hacking was a factor in 81 percent of data breaches and in 99 percent of data lost. Malware also played a large part in data breaches; it appeared in 69 percent of breaches and 95 percent of compromised records. Hacking and malware are favored by external attackers, as these attack methods allow them to attack multiple victims at the same time from remote locations. Many hacking and malware tools are designed to be easy and simple for criminals to use.
Additionally, the compromise-to-discovery timeline continues to be measured in months and even years, as opposed to hours and days. Finally, third parties continue to detect the majority of breaches (92 percent).