Hacktivists surpass criminals as data thieves

Hackers who caused data breaches in the name of a social or political cause were responsible for 58 per cent of stolen data in 2011, a new report shows.

Hackers who caused data breaches in the name of a social or political cause were responsible for 58 per cent of stolen data in 2011, a new report shows.

"The new trend contrasts sharply with the data-breach pattern of past several years, during which the majority of attacks were carried out by cybercriminals whose primary motivation was financial gain," said a statement announcing the release of the "Verizon 2012 Data Breach Investigations Report" this week.

"Hacktivist" groups such as LulzSec made headlines in 2011 for claiming attacks on high-profile targets such as Sony and Nintendo. Such groups often claimed their motivation was to demonstrate the lack of security employed by the companies they attacked.

Another major new trend outlined in the report was a huge increase in the theft of information that could be used to identify a person. Personal information was included in 95 per cent of records lost in 2011, but just one per cent the year before. One massive attack on Sony's PlayStation Network and Qriocity service in 2011, for example, compromised 100 million user accounts and resulted in the theft of information such as names, birthdates and email addresses.

The fifth annual Data Breach Investigations Report covered 855 data breaches 174 million stolen records. It was compiled from data collected during forensic investigations that Verizon was hired and paid to conduct through its Terremark subsidiary, which provides IT security services. It also cited data from the United States Secret Service, the Dutch National High Tech Crime Unit, the Australian Federal Police, the Irish Reporting & Information Security Service and the Police Central e-Crime Unit of the London Metropolitan Police.

Some other findings of the report were that:

  • Nearly 70 per cent of breaches originated in Eastern Europe and fewer than 25 per cent in North America.
  • 94 per cent of data compromised involved servers rather than user devices, people, data stored offline or network infrastructure.
  • Insider breaches declined, and 98 per cent of attacks were conducted by external groups such as activists, organized crime, former employees and organizations sponsored by foreign governments.
  • Hacking was a factor in 81 per cent of data breaches and 99 per cent of data lost.
  • Malware was used in 69 per cent of breaches and was a factor in 95 per cent of compromised records.
  • Only seven per cent of breaches involved social strategies such as criminals posing as legitimate businesses, but these were responsible for 37 per cent of stolen records.
  • 92 per cent of breaches were discovered by third parties rather than the organization that lost the data.
  • 85 per cent of breaches took two weeks or more to discover.
  • Verizon deemed 97 per cent of the attacks avoidable without difficult or expensive countermeasures.