Hacktivists like Anonymous and LulzSec stole more data than cyber criminals in 2011, even though they didn’t commit as many breaches.
Verizon’s threat report, which looked at 855 breaches across 174 million stolen records, found hacktivists got their mitts on 58 per cent of all pilfered data, yet they were behind just two percent of breaches.
Hacktivists stole over 100 million records in 2011, almost twice as many as financially-motivated cyber criminals.This was largely due to the fact that activists target large organisations sitting on rafts of records, whereas everyday cyber criminals go for the lowest hanging fruit and steal whenever and wherever they can.
Keylogging, or use of spyware to watch over victim activity, was responsible for more data breaches than any other threat. Number two was exploitation of default or guessable credentials, three was use of stolen login credentials.
“The type of attacks being used are not that advanced,” Jay Jacobs, senior consultant at Verizon, told TechWeekEurope. “They are going to stick to stuff that works. I don’t know if we can say hacktivists aren’t that advanced. It’s clear they don’t have to be advanced to get what they’re after.”
The insider threat has now been minimised too. Just four percent of breaches were down to employee mistakes or malicious behaviour.
There has also been a notable shift to SMEs, as hackers look to go for smaller companies without solid security stacks.
“We see hackers setting up these opportunistic attacks, where they scan basically the entire internet looking for vulnerable point of sale systems. They are going after the softer targets and it’s a much smaller haul for them,” Jacobs added.
“They look for default credentials or easily guessable credentials, log in, drop some malware in there to do some keylogging and that keylogger will then pick up the swipe of a credit card.”
Law enforcement continues to try and clamp down on hacktivism, with numerous arrests made over the past year. LulzSec suspect Ryan Ackroyd, an unemployed 25-year-old from Mexborough in South Yorkshire, appeared at Westminster Magistrates’ Court charged with conspiracy to bring down the websites of the CIA and the UK’s Serious Organised Crime Agency.
How much do you know about security? Test your knowledge with our quiz.
For third time Google delays phase-out of third-party Chrome cookies after pushback from industry and…
Elon Musk firm touts cheaper EV models, as profits slump over 50 percent in the…
Bad news for Tim Cook, as Counterpoint records 19 percent fall in iPhone sales in…
TikTok pledges to challenge 'unconstitutional' US ban in the courts, after President Joe Biden signs…
British regulator invites feedback on major partnerships Microsoft and Amazon have struck with smaller AI…
Another 20 staff have been fired by Google over Israel protest and their “completely unacceptable…