Political Hacktivists Responsible For More Data Breaches Than Criminals, Verizon Reports

Posted: Updated:
Print Article

Political hacking groups such as Anonymous were responsible for more than half of all records stolen through data breaches in 2011, a report has claimed.

American network provider Verizon, working with police forces in the UK, the US, Australia and others, said in an annual report on Internet security that there was huge rise in politically motivated attacks over the last 12 months.

Around 58% of all data stolen in breaches were the result of attacks by so-called 'hacktivists', Verizon said.

The report looked at 855 incidents in which more than 174 million records were reportedly stolen.

The report said: "The frequency and regularity of cases tied to activist groups that came through our doors in 2011 exceeded the number worked in all previous years combined."

Full Report: Read Verizon's Investigation Into Data Breaches Here

Around 97% of all data breaches should have been easily avoided with basic security measures, such as using harder to guess passwords, the report said.

Two of the largest data breaches in 2011 - those involving Sony and RSA, in which tens of millions of reports were lost - were reportedly due to simple software errors.

It also added that 79% of attacks were opportunistic and only 4% were rated as being very difficult for the attackers. A similarly small percentage were carried out by "insiders", meaning employees hacking companies from inside a firewall.

Hacking was involved in 81% of attacks (up from 50% in 2010) and malware was used in 69% of breaches (up from 49%).

While the report did not break out which groups were responsible for which attacks, it said that less than a quarter of the incidents originated from the United States.

Around 70% of the breaches originated in Eastern Europe, according to the report.

However despite the "reinvigorated spectre of 'hacktivism'" gaining growing attention from the media, the report said that simpler and potentially more damaging attacks from other parties were being ignored as a result.

"Many, troubled by the shadowy nature of its origins and proclivity to embarrass victims, found this trend more frightening than other threats, whether real or imagined," the report said.

"Doubly concerning for many organisations and executives was that target selection by these groups didn’t follow the logical lines of who has money and/or valuable information.

"Enemies are even scarier when you can’t predict their behaviour," the report added.

Wade Baker, director of research and intelligence at Verizon, said:

"Hacktivism has been around for a some time but it's mainly been website defacements. In 2011 it was more about going to steal a bunch of information from a company."

But now, Baker said, "data theft became a mechanism for political protest".

Anonymous suffered a blow recently when it was revealed that 'Sabu', the self-taught LulzSec mastermind and WikiLeaks contributor, who was behind attacks on the Zimbabwean and Yemenese governments, had been working with the FBI since August 2011 after he pleaded guilty on several charges and was threatened with 124 years in prison.

After a series of further arrests LulzSec had claimed the group was "retired" - but it now appears they may be planning a comeback, timed to coincide with April Fool's Day.

Around the Web

Anonymous: LulzSec returns on April Fools' Day?

LulzSec is back; Anonymous targets Imperva

Activists 'commit more data breaches than cybercriminals'