Many of the great minds who fight cyber-criminals flooded the RSA Conference at the Moscone Center to discuss a threat that many had never heard of until recently: hacktivism.
"Many times the target of a hacktivist attack is a company that's taken a very unpopular position for example. Or perhaps it s a government agency in retaliation," said Hugh Thompson, program committee chairman.
For security firms, public enemy number one is Anonymous, the group that hacked BART's web site and then staged weekly protests on the train platforms.
Attacks by Anonymous can be swift and embarrassing. For many companies who've been victimized by Anonymous, the attack is so fast that by the time a company sees it, the damage is already done, according to Grady Summers of information security company Mandiant.
One of the simplest ways a group like Anonymous can hack into a company is with the unwitting help of an employee who uses a personal device for corporate work.
"Eighty-one percent of the users are using personal devices for corporate work," said security researcher Cameron Camp. That's troubling because of what might happen when employees leave that device unattended.
"One out of four people have some sort of password protection on it, so you have a 75 percent chance of being able to get in and do what you need to do, or what scammers are interested in," Camp said.
There's also the risk that scammers could phish for your password, using the very information you've provided on your Facebook timeline to gain your trust.
Whether it's to steal your money, or make a political statement, the attacks aren't going away. "If they succeed once, they're going to try again," said Camp.
