Cyber Attacks by Hacktivists on the Rise for 2012
According to security experts, hacktivist-led cyber attacks will escalate in 2012 with more attacks against businesses and government. What is even worse is that because of the inherent nature of independent hackers, most will get away with it and not suffer any consequence. According to an article in USA Today, experts say that hackers are sharing their knowledge, becoming bolder, and apparently causing havoc simply because they can.
The "stunning success" by groups such as Anonymous and LulzSec has inspired a new generation of hackers who want to use their hacking skills to raise awareness of particular causes. The USA Today article quotes Josh Shaul with Application Security as saying, "Recruits are lining up, and hackers are teaching classes to get more people in on the action." While 2011 saw more organized crime groups stealing information, 2012 is expected to see the rise of hacktivists who use similar techniques to the benefit of their cause.
Certainly, the term "hacker" is a loose term applied both to those who use their talents for nefarious reasons as well as to those who use their talents to some business benefit, although some on both sides may feel their respective motivations are pure. There is even a sense of respectability given to some hackers. Facebook, according to an article in CNET, offers a prized "White Hat" debit card to hackers, or researchers, who help find bugs in their system. The "White Hat" card is seen as a badge of respect for a talented hacker and is an obvious wink toward "black hat" hackers. But the truth for IT is that no company wants to be hacked, no matter what color hat the cyber intruder is wearing.
Small and midsize businesses (SMBs) are not immune to politically or socially motivated hackers; they might even be more susceptible, simply because there could be more unprotected entry points to the company network due to mobile users, older equipment and operating systems, unpatched browsers, and training issues.
This must be the year to fortify the enterprise against attacks. SMBs should also be aware that politically motivated hackers aren't necessarily seeking the complete destruction of the smaller enterprises. Their goal may be to force disclosure of certain information or to embarrass a company officer. Even stealing subscriber (customer) information may be seen by the hacker as a simple act of civil disobedience, but posting the information as proof of the attack still leads to fallout for the company.
Because the motivation is based more on recognition of a cause rather than money, hacktivism will continue to be a popular means to disrupt and gain attention. Many may even admire the social commitment of the hacktivist. But business is still business, and whatever the political motivations of a hacker may be, company information must still be protected.