Future Watch I: The impending dangers of Hacktivism and political hacking

Anonymous logoHacktivism is a rising threat to cyber security that we are sure to see more of in the coming years. Out of the 174 million reported cyber crimes in 2011, around 100 million of them are related to hacktivism. This term refers to the hacking of networks or websites by a group for a political or social cause. ‘Anonymous’ is the most widely recognized hacktivist organization and their targets have been picked due to reasons like human rights abuse, privacy concerns, social messages and other related issues.

The threat scenario once a target is picked translates either to a security breach or a DDoS (Distributed Denial of Service) attack. Apart from this, data theft is also a serious concern. When enterprises or Governments are targeted, the financial loss or data loss risk is insurmountable. Website defacement is one of the most common attack vectors. It usually occurs in the shape of a condemning or accusatory message on the homepage of the breached website.

Some hacktivist threats are carried out by Governments for privacy and censorship measures. This leads to file content viewing, keylogger program installation, screenshot captures, information sent to remote IP addresses and email/social media account hacking. Private lives of prominent people and public figures are also under public scrutinization.

In the coming years, the convergence of hacktivism and social media seems imminent. The reach of networks like Facebook, Twitter etc. could lead to large scale coordinated attacks and in some instances, physical demonstrations. Hacktivists have already shown their prowess in the case of the Syrian President (targeted by Anonymous). The case of Egyptian protests utilizing social media also demonstrated the power that hacktivists possess.

Notable hacktivist incidents:
 

DATE

VICTIM

SOURCE

REASON

December 2010 MasterCard and Visa websites Anonymous Shutting down of payments to WikiLeaks
January 2011 Tunisian Govt and Egyptian Govt Anonymous In support of anti-censorship and the opposition respectively
April 2011 Sony PlayStation Network Unknown Unknown
July 2011 Monsanto (a biotech firm) Anonymous Protest against oil companies
July 2011 NATO Anonymous Unknown
July 2011 News Corp Lulzsec For the phone hacking scandal
July 2011 Apple Antisec Exploited security flaw in software
August 2011 RIM Team Poison Protest against RIM helping police track BlackBerry’s used in London riots
August 2011 Govt of Syria Anonymous Calling for downfall of the President
October 2011 40 child pornography sites Anonymous Operation Darknet
January 2012 Dept of Justice, FBI, MPAA and Universal Music Anonymous In support of SOPA/PIPA and opposing the shutdown of ‘megaupload’
February 2012 CIA Anonymous Unknown
February 2012 United Nations Casi Hackers posted vulnerabilities
February 2012 Foxconn Swagg Security Protest against abuse of human labor rights
February 2012 Syrian President Anonymous His emails were revealed to the world
February 2012 Symantec Unknown Tried to extort $50,000
February 2012 Texas police, Boston police and Salt Lake City police Anonymous Reasons related to child porn, anti-graffiti bills and Occupy Boston
May 2012 Indian Congress and Supreme Court website Anonymous In support of Pirate Bay and free speech on the web

 
While hacktivists have been targeting enemies of privacy and free speech so far, the fact remains that these organizations are acting like masked vigilantes. At times they have no clearly stated goals so conflict of interest becomes inevitable. These techniques could be used for extortion and harassment. For instance, Anonymous is a faceless group and the identities of its members are unknown so there is no telling what their motives are.

Hence, it becomes important to distinguish between different kinds of hackers. White-hat hackers breach networks for altruistic reasons while grey-hat hackers have questionable ethics and can use their skills for non-altruistic purposes. Black-hat hackers are the worst of the kind since they utilize their hacking skills for criminal purposes only.

With all kinds of different threats looming around, one needs multi-layered protection that will help protect not only from malware and viruses but also from such new generation threats. Both Quick Heal Internet Security and Quick Heal Total Security are products that provide the right mix of multi-layered protection.

Rahul Thadani

Rahul Thadani


2 Comments

Your email address will not be published.

CAPTCHA Image

  1. how to prevent hacking in 2013???

    Reply