Is Hacktivism the New 'Lobbying' or Something More Sinister?
The threat of cyber criminals pursuing a political agenda and seeking to disrupt critical infrastructures has been well documented. In the lead up to this year's election, we have seen ‘hacktivism' play out heavily in the media with the very public attacks on Donald Trump and the Clinton Foundation. While these attacks used different techniques, they had similar goals: to undermine both political parties. This is a disturbing cyber security trend: while attacks have typically been considered unrelated, one-time events, they can in fact have much larger implications.
A look back
When hacktivism first gained traction a few years ago, the attacks were normally focused on disrupting a company’s systems or the denial of a consumer service. In recent years however, we have witnessed hacktivists going after a much wider variety of companies, and taking more creative, public approaches to their attacks.
At the end of 2014, we saw the North Korean cyber attack on Sony Entertainment that forced the company to its knees and brought to light its executives’ salaries, as well as un-released films. The cyber criminals had nothing to gain financially from this hack, so we can only suspect it was for retribution of the release of ‘The Interview’, a movie depicting the assassination attempt of Kim Jong Un.
People are starting to realize there are worse outcomes of breaches than just financial loss and as the world goes more digital, so are criminals
Similarly, the breach of Ashley Madison, the infidelity website, created a moral paradox. These hacktivist groups claimed to be undertaking these acts as a way to help the American people, but did it really help the public–or hurt them?
People are starting to realize there are worse outcomes of breaches than just financial loss and as the world goes more digital, so are criminals.
Is Hacktivism the new ‘lobbying’ or something more sinister?
The digital world has delivered a new platform for political ‘lobbying’. Hacktivists have political agendas and this year, they have shown their full force through attacks related to the election.
In March, we saw Anonymous’ threat of “total war” against Donald Trump, with the group publishing his social security and cell phone number online, and then briefly bringing down his campaign website. In addition, we’ve seen several email phishing scams spoof the Trump campaign, e.g. this elaborate scam that conned people to donate for a chance at “Dinner with Trump”.
In July, the Democratic National Committee announced that they were victims of an email attack and their data analytic programs were compromised. In addition, two different teams of Russian hackers breached the email accounts of more than 100 party officials including DNC chairperson Debbie Wasserman Schultz, who subsequently resigned prior to the DNC convention. This dialogue is now reeling as it has been confirmed that the email attacks were state-sponsored by Russia, with reports the White House has vowed to hit back with a “proportional” response.
Several security researchers have predicted that in the next month, we’ll see more attacks against the election. These cyberattacks will continue to come from unknown groups with varying motives and methods–and from different geographies. The big question: will there be additional attacks from other nation states hoping to destabilize one of the parties enough to impact the results of the election.
We will likely see increased targeted digital attacks against both Hillary Clinton and Trump and specific state systems, attempted voting machine malware attacks and also increases in email phishing attacks. If any of these are of a large enough magnitude, they could potentially disrupt or delay the entire presidential election.
But what will happen once the election is over? It is doubtful that this hacktivism will stop. Most likely, activists will continue to find new ways to undermine targeted politicians, government agencies and high-profile agencies that make up this country.
What can be done?
We cannot deny that hacktivists are becoming more commonplace, or that they are simply becoming more successful as they evolve their techniques–this year social engineering, including spear phishing and Business Email Compromise, was the number one culprit of high-profile attacks, raising national–and international–awareness of just how easy it can be to bring a political party to its knees with a single click on an email.
These online vigilantes pride themselves on taking matters into their own hands for a cause, and as such are one of the biggest threats to the state, enterprises and the public. They are extremely calculated and targeted, and it’s nearly impossible to predict their next move.
With cyberattacks remaining one of the biggest threats to privacy, national security and the global economy, there needs to be greater collaboration and information sharing between the public and private sectors to address rising hacktivism threats. I suspect these attacks will only grow more sophisticated and more dangerous, eventually playing out at a global level if action is not taken soon.
If hacktivists have taught the government and companies anything over the past year, it’s that there are much worse fates than financial loss. Cause-driven cyber attacks are often substantially more damaging and dangerous than those motivated simply by greed.
The government needs to implement policies to standardize security measures for all organizations. The specialized technologies to secure digital channels are available, but aren’t being utilized.
While there is no one measure that can counter politically motivated attacks, what’s needed are multiple controls–a cocktail of complementary solutions that provides a multi-layered approach to cyber security where prevention, early detection, attack containment and recovery measures are considered together. In addition, we need to make this a priority–now. There is no excuse for having no security controls in place for email.
At the first presidential debate, Clinton said the U.S. should “lead the world in setting the rules in cyberspace”, and Trump agreed that we “truly have to make cyber security a major priority”. This will put organizations–and our nation–in a better position to mitigate attacks and reduce the impact of any breaches. A united front is needed in this game of Russian Roulette.