Larger companies prone to hacktivists' breaches

Hacktivist attacks less frequent but more damaging last year, with big brand organizations more vulnerable, while smaller companies were more prone to being hit by money-driven cybercriminals, states Verizon report.
Written by Ellyne Phneah, Contributor

Many data breaches last year have been a result of hacktivism, and while their attacks were less frequent, more data were stolen and larger organizations with strong brand names are most likely victims, a report reveals.

According to the Verizon 2012 Data Breach Investigations Report released Thursday, the rise of hacktivism against larger organizations had been the most significant change in 2011, with 58 percent of stolen data attributed to hacktivism, or cyberhacking to advance political and social objectives.

This was in contrast to the data breach pattern over the past few years where a majority of attacks were carried out by cybercriminals, who were primarily motivated by financial gain.

The report, in its fifth year of publication, surveyed 855 data breaches over 174 million stolen records, in 36 countries around the globe. This year, the United States Secret Service, Dutch National High Tech Crime Unit, Australia Federal Police, Irish Reporting & Information Security Service and Police Central e-Crime Unit of the London Metropolitan Police contributed data to the report.

Hacktivist groups accounted for a small proportion of 2011 cases and while they had been less active, their attacks had "taken a heavy toll" on companies. They stole more than 100 million records, or twice the amount obtained by financially-driven hackers, the report revealed.

Nearly all the data stolen by hacktivist groups had been taken from larger organizations, and the proportion of breaches tied to hacktivism-related motives had risen to 25 percent.

The study pointed out that a low-profile brand or company was less likely to draw the attention of these groups. However, they were instead attacked by money-driven cybercriminals looking for "opportunistic attacks against weaker targets", which presented a lower risk.

"Think of it as a way to streamline business processes. Find an easy way to prey on the unsuspecting, weak and the lame, and they simply repeat on a large scale," the report stated. "This high-volume, low-yield business model has become the standard for organized criminal groups."

SMBs target in Asia-Pacific
On a regional basis, while there were no major differences in the number of breaches, there was a contrast in the type of businesses being attacked. Small and midsize businesses (SMBs) are prime targets in the Asia-Pacific region, Mark Goudie, managing principal of Verizon's Investigative Response Team, told ZDNet Asia in an interview on Wednesday.

Goudie elaborated that the U.S. and Europe had more established chain stores and big companies while Asia-Pacific was a region dominated by SMBs. As such, they were more likely to get attacked, he added.

The Verizon executive also added that large organizations tended to be "more savvy and sophisticated" in terms of technology used to protect themselves as compared to SMBs. This would also make them likely targets of cybercriminals, he said.

BYOD, cloud may not be as risky as it seems
Goudie also noted that the technology environment of enterprises have become very "complex" due to the growing amount of data. As such, an organization's security strategy should focus on data management, such as eliminating unnecessary data unless there was a compelling reason to store them, or store data "outside" the organization such as on a compact disc (CD) or hard-disk drive.

Quizzed on whether enterprises should place data in the cloud, he stated that cloud was an "interesting phenomenon". Goudie remarked that while there was much deliberation on whether cloud was secure enough to store data, there have been no incidents in the report where storage of data in the cloud, or in devices which employees used, led to a data breach.

He maintained that hackers still used traditional tactics in stealing from internal databases, and may not have seen the need to evolve to steal from new technologies such as cloud and mobile devices yet.

As such, cloud and the BYOD trend, may not be as big security threats that people have made them out to be, he surmised.

Editorial standards