Just yesterday I completed a lengthy article regarding several aspects of cybercrime and their impact on private and military sectors. In a section of the article describing among other factors the impact of the phenomenon hacktivism far from negligible. According the study “Data Breach Investigations Report” published by Verizon hacktivists stole almost twice as many records of ordinary cybercrime from organizations and government agencies.
The most significant change we saw in 2011 was the rise of “hacktivism” against larger organizations worldwide. An impressive number of attacks made by activist with regular frequency has been registered during last year causing a great deal of effort responding to the cyber threat. Another interesting observation about 2011 is the much lower percentage of multi-agent breaches, in fact most of the accidents was made by a single category of threat agent.
The methods of attacks used by hacktivists include blocking access to websites, defacing of web sites, identity theft, virtual sit-ins, and website hijacking. The debate on the phenomena is open, many professional in fact believe cyber attacks represent a justifiable form of protest meanwhile we are facing with crime that cause serious leaks. Cyber activists use hacking techniques to perform their operations involving critical masses made of ordinary people. The type attacks more diffused is without doubts the Distributed Denial of Service (DDoS) attack, which attempt to make a site or service unavailable to its users due an enormous quantity of request sent in a short period. Hactivists are demonstrating increasing skills in their attacks and we expect increasing in number of their operations with possible extensive damage. In the future we will be confronted with new cyber threats such as malware developed cyber espionage and information for collection building.
Extremely dangerous is the phenomenon of infiltration of the groups of hacktivist due critical mass involved in their operations. A few days ago was released a version of a fake operative system announced as a product by Anonymous. Within hours, tens of thousands of users had downloaded the release ignoring the dangers and the possibility that the OS was infected. Events like this are very dangerous considering the rapid spread of malicious agents produced by the criminals.
Which are the favorite victims of attacks of hacktivist ?
Groups of hacker like Anonymous usually target corporations, intelligence agencies, but also military institutions and sub contractors. Just this last category is one of the most vulnerable and the could manage very sensible data related more protected environment like military, for this reason they are a privileged target.
To demonstrate the effectiveness of the operation made by the hacktivist let’s consider that while more than 80 percent of the data breaches in 2011 were caused by organized criminal, the number of records stolen during operation of hactivist represented 58 percent of the total, this indicates that the operations of cyber protests usually expose superior quantity of data respect ordinary cyber criminal acts. Hactivist groups are playing a primary role in the data breach scenario, related threat motivated by ideological dissent is acquiring an impressive importance that requires that the phenomenon to be analyzed and taken into account in any cyber strategy that is considered serious.
Last year were registered in total 855 data breaches and 174 million stolen records, thee most meaningful threat action categories are hacking, malware and social engineering. Most attacks made by groups of hacktivists target large organizations meanwhile small and medium enterprises are generally spared from cyber threats. This attacks, according the Verizon report, have been originated in 2011 at least in 36 countries versus 22 countries of the previous year, with a relevant percentage (over 70%) originated in Eastern Europe.
Despite the increasing number of cyber attacks methods are relatively simple in more than 90% of data breaches this indicate that wrong security have been implemented.
The study published by the The Ponemon Institute have reported that the average total cost of a data breach last year was to $5.5 million versus $7.2 million of the previous year. Considering the increment of the stolen record this means that globally the cost for each stolen record is reduced. The organizations that better have reacted to the attacks are those institution with a strong commitment on security and with specific figures responsible for the protection and integrity of their Information Systems; they have considered the security an investment and not a cost.
Pierluigi Paganini