Are you prepared to defend your network against Hacktivists? You should be, because they’re now the number one source of attack traffic, according to the new Verizon 2012 Data Breach Investigations Report (DBIR). There is a solution though, according to Verizon, 97 percent of all attacks are avoidable.
Verizon’s DBIR is an incident based report derived from actual security breaches where Verizon was retained by the victim company to help identify the source and to determine the full extent of the information loses. Many of those loses in 2011 came from Hacktivism, that is attacks that are driven by social and political goals.
Verizon’s research shows that Hactivism presents a wildly unconventional adversary that is capable of employing sophisticated techniques to achieve their goals. 58 percent of all data stolen in 2011 was by Hactivism based activities.
“For the first time ever, Hactivist groups stole more data than anyone else in 2011 and by a considerable margin,” Bryan Sartin, vice president of the Verizon RISK (Research Investigations Solutions Knowledge) Team said during a press conference call. “We’re no strangers to Hacktivism, we have seen it and we’ve tracked it for years, but it has never been apparent in numbers great enough to make that threat truly quantifiable.”
Going a step further, according to Verizon, more 50 percent of the victims of Hacktivism also knew that they were going to be attacked in advance. Sartin noted that organization knew about the pending attack down to a specific window of time even down to a 6 to 12 hour window.
“Hacktivism clearly has the earmarks of a threat that is here to stay and it may well be the top criminal motivation in the next year both in terms of number of breaches and records stolen,” Sartin said.
Hacktivism based attacks use multiple types of attack vectors to breach a victim organization. Sartin explained that financially motivated attacks are all about an attacker finding a victim and then getting the data there are after. In contrast, with Hactivism there are hundreds of different way for them to achieve whatever their goals might be.
“They are out there for retaliation or to damage brand,” Sartin said. “It could be anything from Denial of Service (DoS) against a website to conventional intrusion into mail, HR or financial data.”