How to Stay Ahead of Hacktivists Who Are After Your OrganizationBy: Susan Asher
If your organization ever does or says something someone disagrees with, it could be targeted for a cyberattack. Grass-root marketing hackivists who find fault with your organization are experts at enticing people on social media and underground websites to join their cause to coerce your organization to change its policies or practices. In order to protect your organization, you need to know when hacktivists are targeting it or people affiliated with it. Hacktivists will often target staff or board members to ultimately harm your organization’s reputation.
No industry is exempt from hacktivists. If someone sees your organization or one of its representatives as harming the environment, influencing the government or taking a social stance that is offensive or threatening in any way to someone or some other cause, your organization could become a target for hacktivists. Their cyber attacks are designed to cause harm to your reputation, to shut down or deface your website, or to steal funds from the organization or its board members or staff.
When planning attacks on an organization, hacktivists often post disparaging remarks about it on social media sites and underground websites to influence other people to join in on attacks. The hactivist cyber campaigns of today consist of more than infecting your network with malware and implementing Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks, cyber attacks in which large amounts of Internet traffic are directed at a website in hopes of knocking it offline. Additionally, hacktivists conduct spear phishing attacks to steal valuable customer and employee data, and to hijack corporate Twitter credentials. These criminals also create fake websites that appear to be affiliated with your organization, and they create fake social media accounts using the name of your company or names of employees. Hacktivists may post instructions on chat sites or social media sites on how fellow hackers can download the tools necessary to harm your organization’s website. They also have been known to obtain employee’s or board members’ personal information—home addresses, spouses’ names, credit card information, dates of birth, and personal email addresses of individuals associated with your organization—to harass them or to make fraudulent charges on their credit cards.
Thwarting Cyber Attacks
By being knowledgeable about when they are being targeted by hacktivists, organizations can prepare to thwart cyber attacks. There are ways to know exactly what types of attacks the hacktivists are planning. Although you don’t have time to troll the Web and have access to hacker underground sites to know what is being said about your organization and its employees, Dell SecureWorks does. Our Executive Threat Surveillance and Executive Brand Surveillance services lets you tend to business as we daily conduct surveillance and discover cyber threats to your organization.
Dell SecureWorks, whose entire business is cyber security, can help determine when hacktivists are targeting your organization, why they are targeting it, and how they plan to do it. Using highly specialized tools and serving as your private investigator, we do the hunting for you on public, semi-public and underground websites that laypeople don’t have access to. When we monitor, we look for the name of your organization and other code names that are affiliated with it, as well as names of employees or board members you have asked us to be on lookout for. Looking for keywords and monitoring numerous different channels, we try to discern what type of person or group is mentioning your organization or employee and whether they could be a credible threat. Each day we’ll share with you the conversations, criticisms, threats and imminent actions taking place across public and private parts of the Internet, and we’ll provide you with actionable steps to defend yourself.