Home » cyber security » Halting Hacktivism
network complexity

Halting Hacktivism

Ashley Madison, the online service that helps married people coordinate affairs, is easy to villainize — as are the service’s clients, who are quite obviously planning or engaging in infidelity. So it’s easy for people to view the actions of the hacktivist group Impact Team – which recently carried out a cyber attack against Ashley Madison – as justified, or even honorable.

Yet this type of attack is a far cry from reasoned social justice.

Impact Team has threatened to expose the highly personal information of individual account holders. This would cause Ashely Madison’s parent company, Avid Life Media, to be responsible for “fraud and extreme harm to millions of users,” according to the group’s statement. But implicit in this very statement is the reality that the Impact Team is causing extreme harm to millions of people, through very deliberate actions.

Hacktivism as a political action is plagued with this type of contradiction and illogic. And the Ashley Madison breach should serve as a warning to organizations that assume they’re safe from this kind of attack. Not only could a company be compromised for the sake of an attack on a partnering organization, but it could also be targeted itself for anything that a hacktivist group sees as a motivator.

There are some common attack methods that hacktivist groups employ to defame and damage their targets, including:

  • Distributed denial of service (DDOS) attacks that flood web services with traffic and effectively force downtime.
  • Phishing tactics to uncover information that could aid in defamation of damage the business.
  • Doxing methods that gather personal information that could support defamation of an individual executive or group.
  • Network intrusions and misinformation campaigns are also common.

In addition to refining network security and solid contingency planning, it’s critical that organizations support privacy and security training across all levels of their companies. It’s also important that executives understand possible implications of their personal online privacy practices. And anyone who uses social media on behalf of the company needs to be prepared for tactics that may affect them on that front.

For organizations that are looking to better protect themselves, Lunarline offers a comprehensive suite of products and services that can safeguard you against the hacking methods employed by hacktivist groups. For more information about us, and the solutions we provide, visit Lunarline.com or contact us today.

About Spence Witten

Spence has somehow survived ten years at start-ups and small businesses without suffering a (major) nervous breakdown. As Lunarline's Director of Federal Sales, Spence actually loves working on proposals. If there were any doubt, this is proof that he is in fact certifiably insane. While his title says "Sales" Lunarline doesn't let him off that easy. We make him do real work, too. Luckily he's a recognized subject matter expert in security policy and loves helping clients navigate their way around tricky security compliance standards. He's also been known to lead a software development initiative or two, though that pretty much always ends poorly for everyone involved. He can be reached at spence.witten@lunarline.com.