The “IBM X-Force Threat Intelligence Index 2019” highlighted troubling trends in the cybersecurity landscape, including a rise in vulnerability reporting, cryptojacking attacks and attacks on critical infrastructure organizations. Yet amid all the concern, there is one threat trend that our data suggests has been on the decline: hacktivism — the subversive use of internet-connected devices and networks to promote a political or social agenda.
Looking at IBM X-Force data in the period between 2015 and 2019, our team noted a sharp decrease in publicly disclosed hacktivist attacks. Our data incorporates incidents pulled from established and reliable reporting streams and reveals where a specific group claimed responsibility for the incident and where there is quantifiable damage to the victim. While this data does not capture all cyber incidents — nor all hacktivist attacks that occurred in that period — the decrease in publicly acknowledged hacktivism attacks remains significant since public attribution is a key component in these types of attacks.
In 2016 in particular, hacktivist attacks such as Operation Icarus, which directed distributed denial-of-service (DDoS) attacks at banks worldwide, made headlines several times. Another 2016 attack by the same group was a “declaration of war” on Thai police following the conviction of two Burmese men for the murders of two British backpackers. That operation resulted in the defacement of several Thai police websites. In 2018, the number of reported attacks was much lower, although various groups used decline hacktivism attacks percent since