Hacktivism and what we can learn from it
Activism has always been present in society, as people have always been revolting against something. Now, according to Bevan Lane of Infosec Consulting, as socio-economic problems get worse, more and more people are finding ways to react against their circumstances.
We are all constantly hearing of new attacks, but very few of us are actually reacting.Bevan Lane of Infosec Consulting
Explaining why, within the last year, hacktivism has suddenly become so public, Lane says it's a symptom of the current environment people find themselves in, especially in the US, where many highly-qualified people are suddenly finding themselves unemployed, not knowing what to do, and are finding ways to react to that - hacktivism being one such way.
“Defining hacktivism can be tricky,” says Lane, adding there can be socio-political motivations, a moderate outlaw orientation and sometimes just a humour objective.
“Just walking around the office of any tech company, you are likely to see employees with Anonymous screensavers and backgrounds. So clearly, within the tech community, there are many people who support what Anonymous stands for. But you have to question the motives,” says Lane.
According to Lane, the term “hacktivism” was coined in 1996, but it's a concept that has existed for much longer. Citing numerous old movie titles such as War Games and Sneakers, Lane says, for the most part, hackers were always seen as glorified heroes. Now, however, films such as We Are Legion actually pose the question of what lawful protest on the Web is, as well as the morality of hacktivism.
Some of the current modus operandi used by hacktivists include “doxing” (stealing of personal information with the intention to embarrass the target), swatting (feeding police false information on a target), phishing, social media attacks and social engineering.
When it comes to targets, Lane says hacker groups such as Anonymous have very long memories. For example, in the rationale for the attack on F1, the group mentioned that F1 was one of the only sporting events that did not shun SA during the apartheid era. “So they become a target because they are seen to be an organisation that acts against the principles of fairness and equality - something hacktivists like to think of themselves as protecting,” says Lane.
Hacktivists vs cyber criminals
[EMBEDDED]Lane questions the distinction between hacktivists on the one hand, and cyber criminals on the other: “The derivative between them is very interesting. I question why we should differentiate between them, when clearly, hacktivists are doing illegal activities.”
Lane says that, according to statistics from Verizon, in 2011, 98% of all data breaches were perpetrated by outsiders. “Don't be a sitting duck,” Lane warns companies. “We are all constantly hearing of new attacks, but very few of us are actually reacting.
“You need to analyse your risk profile - look at what your track history is with consumer groups,” says Lane, using the example of Facebook hate groups.
“Companies must also develop a proactive communication mechanism through social media, and use traditional press to gain support.”
Lane says FNB is an example of a company that has a good approach to proactive communication. “When the bank went down recently, the CEO immediately took to Twitter to engage with customers and ensure they were kept informed. If they had simply kept quiet and left consumers in the dark, the scenario might have been quite different.
“You should also review your controls, and design and implement them in a way that is better suited to dealing with these modern-day attacks. This should be formalised in company policies and procedures, so in the event of an attack, you aren't running around like headless chickens.
“How you react to a breach will make a massive difference to public perception,” advises Lane. “Effective communications can limit damage, while constant denial and backtracking is a disaster.
“Following a data-centric security approach leverages the business value of data to determine and implement the appropriate level of overall IT security and focuses it in the right areas.”