Hacktivism skews security trend analysis

Powered by SC Magazine

Difficult to make sense of data breach numbers.

The re-emergence of the hacktivist movement appears to have thrown a spanner in the works for those in the InfoSec industry charged with data breach trend analysis.

There has been a series of massive data breaches over the last 16 months - each of which compromised more than a million identities.

During the same time, much smaller incidents occurred in which only a handful of records were stolen.

CQR Consulting chief technology officer Phil Kernick said in July that the Anonymous hacking collective “tend[ed] to find the vulnerable sites first, and justify their actions afterwards”.

The August Symantec Intelligence Report reflected the skewed results in a comparison of the first eight months of this year against the last eight months of 2011, covering what the company said was the revival of the hacktivist AntiSec (anti-security) campaign.

The median number of identities stolen in data breaches had risen some 41 percent since last year from 4000 per breach to 6800.

“The top five breaches in our 2011 data set all registered in the tens of millions of identities. In 2012, only one breach registered above 10 million,” report author Paul Wood said.

“The reasons for this drastic drop in average number of identities stolen point to the fact that, while the overall number of attacks were about the same, the number of records stolen in the biggest attacks in 2011 was much larger.”

However, the report also found the average number of identities stolen fell from 1,311,629 per breach to 640,169 this year.

“While the overall average number of identities stolen is down, the core number of identities stolen - when accounting for variance - is increasing over time,” Wood said.

But the wild variance in breached records, which skewed results, made it difficult to identify trends, he said.

The study found that while attacks decreased, the number of breaches plateaued. There were on average 16.5 breaches per month in 2011 compared to 14 this year.

Wood speculated that the drop in the size of breaches could indicate enterprises had shored up information security following the large breaches of last year, or that hackers were targeting smaller organisations that hold more sensitive data.

Retail businesses suffered the highest number of identities (40 percent) extracted per breach this year, ahead of telecommunications (15 percent) and computer software (13 percent).

However, the health care sector endured the most breaches (34.1 percent), followed by computer software (14.3 percent) and education (11 percent).

The report has been posted online (pdf).

Copyright © SC Magazine, Australia
