Are We Seeing The Growth of Cyber Robin Hood Groups?
A broad description of Hacktivists can be defined as individuals and/or groups who redeploy and repurpose technology for social causes vs. hackers out to cause havoc and enrich only themselves by breaching network infrastructure, HIPAA user data, government targets, enterprise information security, SMB technology security, banking data security, retail PCI systems, and Fortune 500 network infrastructure and data security, among others.
As recently as late 2014 warnings regarding the “AnonGhostTeam” were issued for their efforts in using malware against visitors to deface websites via an Internet Explorer vulnerability [1]. Risks abound in the networked world due to hacktivist targeting. What are you doing to secure your digital assets?
The Inside Track on Diversionary Incentives and Tactics
Former Anonymous master hacker, Hector Xavier Monsegur, aka Sabu, known for his charismatic personality and hacking skills used his talents to engage in disruptive and defiant political activism across the globe. Monsegur accomplished all of this breach activity without leaving the comforts of his apartment on New York’s Lower East Side [2].
During a CBS News interview with Charlie Rose, Monsegur spoke out in his defense against detractors from the hacking underworld that has branded him as a rat. He insists that he had no involvement or responsibility for the arrests of a number of his “hacktivist” peers.
He also mentioned that his new "career" move as an FBI informant did not involve fingering anybody nor will he be outing anyone by revealing the names of his Anonymous collaborators.
There's no question with many industry experts that the hacktivist collective Anonymous is splintering into a number of smaller factions. The decline in Anonymous communication and activity has been evident since late 2010 when Anonymous launched DDoS attacks on organizations that renounced any business involvement or business dealings with the WikiLeaks site. This is making it difficult to associate specific activities with a particular group of actors as well as track them.
This decline will result in the large organization being subdivided into an unknown number of harder-to-monitor groups operated by other underworld individuals.
Charting a Path Forward
As a once consolidated community fracture, how will your organization protect its IT infrastructure from data leaks? Hacktivist agents are harder to track, thus quantifying their actions is growing more difficult. However, one thing is certain, malware and breaches aren’t going away. In fact, they are increasing at a rate that should be setting off alarm bells beyond the confines of your IT security team.
So, what is occurring on the systems that you aren’t seeing? Unknown changes could be exploited by malicious actors harming your business operations. How might you quantify data theft in lost goodwill and other business-related “soft costs”?
References
[1] http://www.infosecurity-magazine.com/news/hacktivists-serious-with-remote/
[2] http://www.cbsnews.com/news/anonymous-hacker-hector-monsegur-turned-fbi-...
