Cyber crimes shift to hacktivism, report finds

Friday - 3/23/2012, 10:19am EDT

Bryan Sartin, director of investigative response, Verizon

Download mp3

Verizon's 2012 data breach investigation report found cyber crimes in 2011 fell primarily into two areas — financially-motivated and hacktivism.

"In the case of hacktivism, the motivation of these crimes is to damage the reputation of the victim. They're retaliation or they have a political motivation to them, and that means these crimes can play out in many hundreds of different ways," said Bryan Sartin, Verizon's director of investigative response and one of the report's principal authors, in an interview with The Federal Drive with Tom Temin.

The shift to continuous monitoring to detect cyber crime is useful as long as "you know what you're looking for," Sartin said.

On average, it takes six months from the initial cyber intrusion to the time the victim finds out about the breach, he said. He added that more than 85 percent of cyber victims find out about a breach from a third party.

"So many people get caught up looking for the needle in the haystack when it comes to monitoring, but if you know what crimes look like, in fact, it's not about needles at all. It's really about looking for haystacks," Sartin said.

Sartin said the concern over state-sponsored cyber attacks is a real threat but also "over-hyped."

The report found financially-motivated crime generally targeted small to mid-sized businesses with 10 to 100 employees.

"What you see if more repetitive electronic crimes targeting more, smaller entitles," he said.

Sartin added the total damages is "overall much lower" than the past.

Because the crimes yield smaller damages, these hacker often "fly off the radar of law enforcement," he said.

This story is part of Federal News Radio's daily Cybersecurity Update. For more cybersecurity news, click here.