Breach Security’s Web Hacking Incidents Database 2008 is interesting reading for anyone who is interested in the origins of website attacks.
From a database of TK reported incidents, the intent breaks down as follows:
- 24% Defacement
- 19% Stealing personal information
- 16% Planting malware
- 13% Monetary loss
- 8% Downtime
- 5% Phishing
- 15% Other
We tend to think that most online crime is motivated by profit so these results are somewhat surprising. Online criminals tend to take the path of least effort and perhaps spam, phishing etc. are just easier than hacking a website for profit.
Only 57 incidents were included in the database in 2008 which suggests massive underreporting. This report represents, perhaps, the tip of the iceberg.
