April 24, 2012
Majority Of IT Security Professionals Rank Anonymous, Hacktivists As Top Threat
More than sixty percent of IT security professionals worldwide believe their organization will be targeted by cybercriminals during the next six months, according to the results of a new survey by cybersecurity firm Bit9.
Nearly two-thirds said Anonymous and other hacktivist groups would be the ones most likely behind such an attack, the survey of more than 1,861 security professionals found.
Just 28 percent of the survey's respondents believed "disgruntled employees" would target their companies.
The threat perceptions differed according to the type of organization each participant represented. For instance, nation states were viewed as the top threat for those working in the government sector, while those working in retail viewed cybercriminals as their greatest threat.
"The survey results put a spotlight on an interesting contradiction: on the surface, people are most afraid of embarrassing, highly publicized attacks from hacktivist organizations like Anonymous, but they recognize that the more serious threats come from criminal organizations and nation states," Bit9 chief technology officer Harry Sverdlove told MSNBC Technolog reporter Suzanne Choney.
Indeed, while hacktivists were responsible for stealing the largest amount of data in 2011, they were only responsible for 3 percent of the total number of breaches, according to a 2012 Data Breach Investigations Report released last month by Verizon.
Although the majority of the survey participants considered Anonymous their top threat, 45 percent of respondents said they were most concerned about a malware attack, such as Trojans, rootkits, worms and viruses, something typically associated with cybercrime rather than hacktivism.
Just 11 percent were concerned about distributed denial-of-service (DDoS) attacks, while 6 percent worried about SQL injection, the two attack types most commonly used by hacktivists.
Sverdlove said he believes most IT professionals fear an attack by Anonymous because of the negative publicity such breaches create.
Nevertheless, nearly 95 percent of those surveyed said data breaches should be disclosed to the public, with 48 percent saying companies should disclose the breach occurrence as well as what was stolen. An additional 29 percent believe that organizations should also disclose how the breach took place.
Over half of the survey's respondents, or 54 percent, believe the most important machines in their organization are infrastructure servers, while 48 percent said file and database servers were most important. Some 46 percent ranked Web and application servers as the most important machines, and 45 percent selected email servers (multiple choices were permitted).
When asked which machines had the most effective cybersecurity protections in place, the order remained the same, with 40 percent believing their cybersecurity is strongest on infrastructure servers, and 26 percent believing it is strongest on endpoint machines.
More than half of the IT professionals who participated in the survey said that implementing best security practices and better security policies would have the most significant impact on the strength of their organization's cybersecurity. Just 15 percent said improved technology would have a greater impact.
Very few trusted government efforts alone to address the issue of cybersecurity.
"Despite current plans to implement cyber security legislation, only 7 percent believe that government regulation and law enforcement will best improve security," Bit9 said.
An infographic of the survey's results can be viewed here.