Companies need to protect their people and systems against hacktivism because it can compromise their networks. Worse still, it can be a cover for cyber criminals.
The term hacktivism first emerged in the mid-1990s when hacking into computer systems was employed by some activists to express political or sociological beliefs.
Famously, The Cult of the Dead Cow had a member called Omega who used this method.
Nowadays, modern hacktivism is defined by groups like Anonymous. Anonymous has no formal membership or controlling body but it has carried out a wide range of attacks since early 2000 from pranks to more malicious attempts to attack companies and other organisations.
Gary Jowett, from Computer & Network Consultants in Brighton, says: “Such attacks are a form of terrorism and can serve as a cover for criminals out for information or money to get into your network or stop your business operating.
“Like most cyberattacks, it doesn’t matter if you have extremely watertight security; if an employee is sympathetic to a particular cause they may, unwittingly, click on a link or share an unsafe attachment.”
There are many ways hacktivists attempt to make their point.
A very common technique is the bombarding of a website with fake traffic known as a Distributed Denial of Service (DDoS). It’s been used for many years and still proves effective. The site that’s being attacked cannot cope with so many messages so it has to be taken down.
And there are a range of other techniques including website mirroring, where the content of a censored website and its posts are copied to other domains that aren’t censored. There’s also ‘doxing’ where private and confidential documents are hacked into and made public.
Gary says: “Your business clearly can’t control all the personal beliefs and activities of your workforce. But what you can do is ensure you use secure email services from Mimecast and also remind employees about the threat hacktivism poses. Even if they’re sympathetic to a particular cause or campaign, they should be reminded not to share any messages or links they may receive on personal devices when they’re at work.”