So-called ‘hacktivists’ stole more data from companies than regular criminals according to a report from US mobile carrier Verizon.
The 2012 Data Breach Investigations Report (pdf) describes 855 separate data breaches which were investigated by a variety of international law enforcement agencies. The breaches resulted in 174 million records being nicked by cyber ne’er do wells.
Interestingly, the report revealed that the vast majority of break-ins were from organised crime gangs, 83 per cent in all, and hacktivists made up just 3 per cent. However in terms of data ‘liberated’, angry teen hackers accounted for over 100 million records of the total of 174 stolen.
The report described 2011 as a year of "civil and cultural uprising" in which unrest was not limited to the physical world, with the online world "rife with the clashing of ideals, taking the form of activism, protests, retaliation, and pranks."
In setting out some key statistics involving data breaches, the Verizon report also paid tribute to the variety of law enforcement agencies worldwide that played a role in fighting the attacks including the United states secret service, Dutch national High Tech Crime Unit, Australian federal Police, Irish Reporting & Information security service and the Police Central e-Crime Unit of the London Metropolitan Police.
"It wasn’t all protest and lulz, however. Mainline cybercriminals continued to automate and streamline their method du jour of high-volume, low-risk attacks against weaker targets," said the report.
The report provided a number of key mitigation recommendations including the implementation of firewalls on remote access services and ensuring that contracted third parties actually follow through on delivering promised security measures.
For larger outfits, the Verizon reports reckons that such companies should eliminate unnecessary data from the troves of data they typically collect and they should, obviously enough, keep tabs on what data they retain.