“The online world [in 2011] was rife with the clashing of ideals, taking the form of activism, protests, retaliation, and pranks.” So reads the executive summary of a new data breach
reportfrom Verizon, drawing a strong parallel between worldwide social and political unrest in 2011 and the prevalence of online threats.
The report offers analysis of 855 data breaches that occurred across the globe in 2011. Among its findings are the fact that hacktivism — cyberhacking committed with political and social objectives in mind — is on the rise. While only 3 percent of attacks were traced to hacktivist groups, they tend to compromise much higher volumes of data than traditional cybercriminal activity, according to the Verizon 2012 Data Brach Investigations Report. In fact, the work of hacktivists is traced to more than 100,000 million compromised records last year, of the 174 million total records compromised.
The report includes data contributed by the U.S. Secret Service and law enforcement agencies in Australia, Ireland, England and the Netherlands.
Not surprisingly, most breaches are still caused by criminals seeking financial gain, who generally target smaller organizations for specific types of potentially lucrative information. Cyberthieves commonly access insufficiently protected information using weak, default or stolen log-in information.
By the Numbers: Cybercrime in 2011
- 855 data breach incidents
(Of those: 81 percent included hacking; 69 percent included malware and; 61 percent included a combination of hacking and malware)
- 174 million compromised records (2nd highest volume since 2004)
- 98 percent of breaches had external sources
- 83 percent of breaches were perpetrated by organized criminal groups
- 3 percent of breaches blamed on hacktivists
- 100 million + compromised records blamed on hacktivists
- 67 percent of data breaches originate in Eastern Europe
|
The report calls traditional cyberattacks less sophisticated than those waged by
politically motivated groups, who commonly hijack domain name systems and flood the bandwidth of Web servers using distributed denial-of-service (DDoS) attacks.
Data breaches were traced to 36 different countries, up from 22 countries in 2010. Less than a quarter of all breaches came from North America, with almost 70 percent coming from Eastern Europe.
No Proof of Cloud Security Vulnerabilities
Another interesting finding seems to bolster the argument of cloud proponents, that the long-questioned security of hosting data in the cloud may be unfounded.
“We’re seeing very little evidence of data breaches in the cloud,” said Brian Sartin, vice president of Verizon’s Research Investigations Solutions Knowledge team in a recent
CFOworldarticle. “There’s a compelling lack of statistics for that.”
Miriam Jones is a former chief copy editor of Government Technology, Governing, Public CIO and Emergency Management magazines.