Data theft: Hacktivists 'steal more than criminals'

Anonymous protesters Hacktivists are proving hard to combat, suggests a study of data breaches

Related Stories

Hacktivists stole more data from large corporations than cybercriminals in 2011, according to a study of significant security incidents.

The annual analysis of data breaches by Verizon uncovered a huge rise in politically motivated attacks.

Verizon found that 58% of all the data stolen during breaches in 2011 was purloined by these groups.

Hacktivists were hard to defend against, it said, as their attack strategies were much harder to predict.

The Verizon report catalogued 855 incidents around the world in which 174 million records were stolen.

Data defences

"Hacktivism has been around for a some time but it's mainly been website defacements," said Wade Baker, director of research and intelligence at Verizon. "In 2011 it was more about going to steal a bunch of information from a company."

Start Quote

The ability to detect a breach is quite poor across the board”

End Quote Wade Baker Verizon

The hacktivist attacks were spearheaded by the Anonymous hacker group and its tech-savvy offshoots Antisec and Lulzsec. These activists scored a significant number of successes by knocking out websites and stealing large amounts of data from private companies and government agencies.

"Data theft became a mechanism for political protest," said Mr Baker. He added that it was hard to develop specific defences against these attacks because they used tactics and techniques crafted for each occasion.

He said the attacks by hacktivists were not very common but often netted huge amounts of data when they did penetrate defences.

In contrast to that stolen by hacktivists, about 35% of data pilfered from large companies was taken by organised criminal groups which wanted to sell it or use it to commit another crime.

Mr Baker said cybercriminals continued to be a huge threat to large companies, and constantly battered their internet defences looking for weaknesses. These attacks, he said, tended to be opportunistic and capitalised on any loopholes and vulnerabilities they found.

While few firms were going out of business or suffering lasting damage because of a data breach, he said, companies still had work to do to ensure they knew they were safe.

"The ability to detect a breach is quite poor across the board," said Mr Baker.

More on This Story

Related Stories

The BBC is not responsible for the content of external Internet sites

More Technology stories

RSS

Features

BBC © 2014 The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.