According to an annual report released by Verizon, there has been a dramatic rise of “hactivism” – cyber hacking to advance political and social objectives. The study showed that in 2011, 58% of data stolen was attributed to hactivism. This is in sharp contrast to the data-breach pattern of past years, where the majority of cyber attacks were motivated for financial gains.
The disparity in the numbers between hacktivists and criminal groups may be explained by the kinds of organizations each group has targeted. Cybercriminals tend to target small and medium size business whose networks can easily be compromised. While hacktivists primarily focused on large organizations, attacking these institutions through social engineering and phishing attacks. Employees of these high profile enterprises would be tricked into clicking on malicious email attachments or links that would install malware to steal employee credentials.
Below are some recommendations according to Verizon to prevent data breaches:
Recommendations for Enterprises
- Eliminate unnecessary data. Unless there is a compelling reason to store or transmit data, destroy it. Monitor all important data that must be kept.
- Establish essential security controls. To effectively defend against a majority of data breaches, organizations must ensure fundamental and common sense security countermeasures are in place and that they are functioning correctly. Monitor security controls regularly.
- Place importance on event logs. Monitor and mine event logs for suspicious activity – breaches are usually identified by analyzing event logs.
- Prioritize security strategy. Enterprises should evaluate their threat landscape and use the findings to create a unique, prioritized security strategy.
Recommendations for Small Organizations
- Use a firewall. Install and maintain a firewall on Internet-facing services to protect data. Hackers cannot steal what they cannot reach.
- Change default credentials. Point-of-sale (POS) and other systems come with pre-set credentials. Change the credentials to prevent unauthorized access.
- Monitor third parties. Third parties often manage firewalls and POS systems. Organizations should monitor these vendors to ensure they have implemented the above security recommendations, where applicable.