Hacktivists steal entire databases, profit-driven hackers only take what they can use

Mar 22, 2012 19:21 GMT  ·  By

The “Verizon 2012 Data Breach Investigations Report” reveals that 2011 was the year of the hacktivists. Online activism recorded a considerable increase in popularity and the figures demonstrate it.

Statistically speaking, in 2011, 79% of cyberattacks were named as being opportunistic. More so, according to Verizon, in 96% of cases the targets were so weak security-wise that the attackers didn’t require any advanced skills or techniques to ensure the success of their mission.

Eastern Europe is once again named as being the place of origin for many data breaches, with over 70% of the total.

It turns out that even though cybercriminals perform more data breaches than hacktivist groups, the latter usually steals larger amounts of data each time they gain unauthorized access to a server.

The figures show that the operations launched by Anonymous and other hacktivists against large organizations count for a total of 58% of the stolen records sets.

This shouldn’t come as a surprise. One perfect example is the data breach that affected NASA not long ago, when hackers from Team Inj3c0t and Team R00tw0rm leaked a

6 gigabyte database.

While profit-driven hackers take only what they know to be valuable, online activists who want to unmask corruption usually leak every bit of data they find and let others filter it for the “good stuff.”

"The report demonstrates that unfortunately, many organizations are still not getting the message about the steps they can take to prevent data breaches.This year, we have segmented our recommendations for enterprises and small businesses in the hope that this will make our suggestions more actionable," said Baker.

"Additionally, we believe greater public awareness about cyberthreats and user education and training are vitally important in the fight against cybercrime."

The paper is based on reports gathered from agencies such as the United States Secret Service, the Dutch National High Tech Crime Unit, the Australian Federal Police, the Irish Reporting & Information Security Service and the Police Central e-Crime Unit of the London Metropolitan Police.

The complete report is available here.

Note. My Twitter account has been erroneously suspended. While this is sorted out, you can contact me via my author profile.