Hacktivists taking credit for 95% fewer attacks since 2015: IBM

Hacktivists have taken responsibility for a staggering 95% fewer cyberattacks since 2015, researchers from IBM reported Thursday.

The number of significant, publicly disclosed cyberattacks claimed by hacktivists, or computer hackers-cum-activists, has dropped from 35 in 2015 to just two in 2018, according to IBM.

Camille Singleton, a global security analyst for the company, cited two factors potentially responsible for the huge decline in disruptive hacktivist activity: a dramatic decrease in campaigns conducted under the banner of the once prolific Anonymous collective; and efforts by law enforcement agencies in the U.S. and abroad to deter cybercriminals through prosecution.

Cyberattacks claimed by self-described members of Anonymous — a movement previously attributed with waging successful attacks against victims such as PayPal in 2010 and Sony and 2011 — dropped from eight in 2015 to only one in 2018, she wrote in the report.

Meanwhile, police in the U.S., U.K. and Turkey arrested a total of at least 62 suspected hacktivists since 2011, the report said.

Several members of Anonymous, or Anons, have faced harsh penalties since its heyday: Jeremy Hammond, a member of Anonymous offshoot AntiSec, was sentenced in 2013 to spend a decade behind bars in connection with hacking Stratfor, a private intelligence firm, and stealing internal data later published online by WikiLeaks; and Barrett Brown, a journalist and activist formerly involved with the group, was ordered in 2015 to pay nearly $900,000 to Stratfor for his participation in making that stolen data public.

More recently, Martin Gottesfeld, an Anon who said he attacked the Boston Children’s Hospital in 2014 as part of a political protest, was sentenced in January to 10 years imprisonment and ordered to pay $443,000 in restitution.

Despite the downtick in activity, Ms. Singleton wrote that IBM is reluctant to declare an end to the era of hacktivism, however.

“Acute social justice issues, greater organizational capabilities among hacktivist groups and a stronger shift to areas that lay beyond the reach of law enforcement all have the potential to dramatically change the face of hacktivism in a relatively short period of time,” she wrote in the report. “More likely than not, we are experiencing a lull in hacktivist activity rather than a conclusion.”

IBM’s findings are based on reported incidents where a specific group claimed responsibility and where there was quantifiable damage to the victim, the report said.