Motivation according to Dictionary.com is “the act or an instance of motivating, or providing with a reason to act in a certain way.” While stealing data from organizations continues to be financially motivated the 2012 Verizon Data Breach Report indicated an increase in data theft as a result of hacktivism (data breaches aimed at advancing political and social objectives). Who cares?
It’s interesting to see shifts in the motivation behind attacks on computer infrastructure but from a security perspective, a thief is a thief is a thief. Whether motivated by fame, money, or political causes, the need to protect sensitive information in transit and at rest is still the same.
Bill Brenner blogged about this in his Salted Hash blog while referencing hacktivists and cybercriminals.
True, when it comes to motivation, there is a difference. Hactivists are trying to advance a cause and target those they believe are against that cause. Obviously, a different motivation from the simple pursuit of other people’s money. But the tactics and results are the same. – Bill Brenner “Hacktivists and cybercriminals: Is there really a difference“, Salted Hash – IT Security News, March 22, 2012
I couldn’t agree more. While the motivation behind an attack is certainly interesting, the type of information and method of attack is much more important. If you’re stuck doing mandatory reporting of a breach I doubt those affected care who stole their information, only that it was stolen.
The bottom line here is somebody wants to steal your information and you must defend against that reality. Figuring out why they want it doesn’t really change that.
Photo credit: Salvatore Vuono and Freedigitalphotos.net

Connect with me