Emerging security threats
Are you safe from hacktivists?

If hacktivists aren’t necessarily after your hardened security targets, such as proprietary data or customer information, how do you protect against their actions?
The reason is that hacktivists don’t play by the same rules, or have the same goals, as other sources of your security threats. They may not be after your most sensitive data but rather are out to embarrass you. For example, hacktivists Google-bombed the Church of Scientology, distorting search results to imply that Scientology was associated with “cult.” Another example of hacktivism was when Syrian activists took over CNN’s social media accounts to display pro-Syrian programming.
Of course, hacktivists rely on all the traditional security-defying tactics as well, including denial of service (DoS) attacks, dedicated malware, and social engineering. As Rick Hayes, Senior Manager, Security and Risk Consulting for Dell Secureworks, says in this interview, “We are seeing hackers launch a barrage of different cyber-attacks at their target including everything from DDoS attacks to website defacements, web application attacks, and spear phishing attacks looking to steal valuable customer and employee data to the hijacking of corporate Twitter credentials.” It is this wide-ranging set of tactics and motives that makes preparing for hacktivism so difficult.
Security threats: How to foil hacktivists
So, if hacktivists aren’t necessarily after your hardened security targets, such as proprietary data or customer information, how do you protect against their actions?
The first goal is to not give anyone a reason to attack you, but that is beyond the control of the IT department. What isn’t beyond the control of the IT department is the ability to track whether the company has drawn attention or ire. Monitoring social media for an abnormally large number of mentions of your company would be a good place to start. Not only will this help you see something like a “Google Bomb” attack, but any atypical volume of traffic around your company’s name may tip you off to a brewing controversy.
Second, as with all other security efforts, you need to realize it starts with your people. Social engineering attacks are the easiest way to gain access to passwords, which lead not only to sensitive data but also to social media accounts. Make sure you have tight policies on who can control official corporate social media accounts, and train those people extensively regarding potential threats.
For more sophisticated attacks, it is important to track and identify everyone who gets into your corporate network. You want an active intrusion prevention system (active IPS). Logging activity for changes in behavior is especially important, as many attacks by hacktivists are persistent and patient. They aren’t interested in specifically what they can penetrate so much as they are in getting access to anything they can. This means that seemingly minor changes in activity can be a major tip-off. Active IPS can also drop malicious packets and prevent attacks, if you know what you are looking for.
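The mention-volume monitoring recommended earlier in this section can be automated with a small spike detector. The following is an added example, not code from the original article: it assumes you can export hourly mention counts from whatever social listening tool you use, and the function name, window size, thresholds and sample counts are all constructed for illustration.

```python
from statistics import median

# Constructed sample: 28 quiet hours of brand mentions, then a surge.
SAMPLE_HOURLY_MENTIONS = [
    4, 6, 5, 3, 2, 2, 1, 3, 5, 8, 9, 11, 12, 10, 9, 8, 7, 9, 10, 8, 6, 5, 4, 4,
    5, 6, 4, 3, 30, 85, 140, 60,
]

def flag_mention_spikes(hourly_counts, window=24, threshold=3.5, min_count=20):
    """Return (hour_index, count, score) for hours with abnormally high volume.

    Each hour is compared with the trailing `window` hours using a robust
    z-score built from the median and the median absolute deviation (MAD).
    Unlike mean/stddev, this baseline is not dragged upward by the first
    hours of a surge, so a sustained campaign keeps alerting.
    """
    alerts = []
    for i in range(window, len(hourly_counts)):
        baseline = hourly_counts[i - window:i]
        med = median(baseline)
        mad = median([abs(x - med) for x in baseline])
        # 1.4826 makes MAD comparable to a standard deviation; the floor of
        # 1.0 avoids division by zero when the baseline is completely flat.
        scale = max(1.4826 * mad, 1.0)
        score = (hourly_counts[i] - med) / scale
        # min_count suppresses alerts for tiny absolute volumes (assumed value).
        if hourly_counts[i] >= min_count and score >= threshold:
            alerts.append((i, hourly_counts[i], round(score, 1)))
    return alerts

if __name__ == "__main__":
    for hour, count, score in flag_mention_spikes(SAMPLE_HOURLY_MENTIONS):
        print(f"hour {hour}: {count} mentions, robust z-score {score}")
```

Tune `window`, `threshold` and `min_count` against your own history; a brand with strong weekly cycles may need a longer window than the 24 hours assumed here.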
Security threats: Distributed denial of service
Perhaps the most common attack recently from hacktivists has been distributed denial of service attacks (DDoS). The danger from these attacks depends on how concentrated the effort is against you, how sophisticated the attack is, and the size of your network. Because DDoS is about network bandwidth, one way to handle such attacks is to simply have a very scalable network. However, this quickly becomes an arms race. Other methods include shoring up the network defenses, including firewalls, and denying certain types of queries. There are quite a few more options here.
Really, the very nature of the hacktivist attack, with its shifting strategy and goals, makes it impossible to cover every angle of defense for this story. It also makes it impossible for you. But there are ways to make it difficult for hacktivists to wreak havoc. It also pays to develop a plan in advance for how you will respond, especially when faced with social media attacks. You can’t stop hacktivists, but you might be able to give yourself some time to contain any damage.