According to data collected by Verizon for their 2012 Data Breach Investigations Report, which we covered here, some industries are more at risk for hacktivism than others.
While hacktivism only compromised 2% of the dataset, they were tied to 58% of all data stolen (more data stolen per incident). Verizon was able to glean some of the following insights:
- Hacktivism did not affect the hospitality or retail industries (in the 2011 dataset), though these industries made up 75% of all breaches
- Hacktivism tends to originate from Western Europe and North America (vs traditional hackers from Eastern Europe and Asia)
- Hacktivists prefer system vulnerabilities over human ones
- The favoured techniques for hacking by hacktivists includes using stolen credentials, SQL injection and brute force / dictionary attacks
- Hacktivist attack vectors were most commonly web applications (65%) and remote admin services like ssh (18%)
- Hacktivists target data-dense assets such as databases and web applications to steal more data at once than other hackers often do
- Hacktivists announce their activities (detection is a moot point most of the time)
Are you taking any steps to prevent hacktivism against your company?