Instead of just embarrassing victims, hacker groups are targeting company’s corporate data in order to hurt them financially, a new report said.
Hacktivists are moving away from defacing websites or knocking them offline to stealing data, according to the Hacker Intelligence Initiative report from security provider Imperva.
Twenty-one percent of all recorded incidents from June to November 2011 saw hackers mounting local and remote file inclusion (RFI/LFI) attacks, researchers said.
The statistic is courtesy of hacktivists, such as the Anonymous and LulzSec, Impervia said.
A form of attack that targets PHP coding, the use of RFI/LFI techniques allows hackers to steal data by manipulating the company’s web server. That move is a step away from their usual tendency to target companies’ websites with distributed denial of service (DDoS) assaults.
That behavior is an evolution within hacktivism that occurred after the high-profile Sony data breach, said Imperva researcher Tal Be’ery.
“The motivation hasn’t changed but rather the method. Pre-Sony, hacktivism’s aim was website defacement which could be embarrassing but had no long term impact,” he said.
“Stealing data from Sony and exposing it showed hacktivists how to damage companies financially. The data theft at Sony hurt the company. But also the breach inspired hacktivists to make data theft their first objective.”