Are hackers are getting more sophisticated? Many of them are. And are they hitting carefully selected targets? Again, often the answer is yes.
But that is not the whole picture. According to a recent study by Verizon it is not even most of the picture. In fact, the vast majority of security breaches last year – 97 percent of the total – were avoidable. Moreover, 96 percent were fairly simple hacks. And they could have been prevented by simply taking basic security precautions.
Likewise, most of the victims of security breaches were targets of opportunity. Hackers found security holes – open Internet ports; sensitive data left unmasked; or careless, easily-broken passwords – and crawled through them.
It is human nature that we are fascinated by sophisticated crimes. Caper movies feature elaborate plots, not thieves who use simple ploys against careless victims. And so it is easy for people to convince themselves that basic security precautions don't matter, because masterminds will find a way around them.
But if you don't take basic security precautions, cyber-attackers don't have to be masterminds.
The Verizon study uncovered some other interesting facts. For the first time, politically-motivated "hactivists" accounted for more breaches than old-fashioned cyber-thieves looking for money. Large firms turned out to be as vulnerable as smaller ones.