As human beings, it’s natural for us to support certain causes near to our hearts.
Usually, it’s in the form of fundraisers, food drives, or volunteer work.
But what happens when the lines between beliefs, politics, and business are blurred in the cyber landscape?
‘Hacktivism,’ a combination of the words ‘hacking’ and ‘activism,’ is the act of hacking to bring about political or social change.
And, over the past several years, it’s made headlines for its “hold-nothing-back” approach.
While employees’ personal lives don’t often affect the cybersecurity of your business, hacktivism is cause for alarm.
You see, one of the biggest problems with hacktivists’ strikes is retaliatory attacks.
And, when employees use company equipment for hacktivism, these counter-strikes directly affect your business.
Because hacktivists often strike political targets or major government operations, you could find yourself in the crosshairs of an angry, capable opponent you weren’t even aware of.
Is your organization prepared to survive a nation-state counterattack?
Ukraine Hacktivism Unleashed
The Russian invasion of Ukraine polarized people across the globe – especially hackers.
Ukrainian authorities estimate 400,000 hackers worldwide have joined efforts to counter Russian attacks. Some have even gone on the offensive.
These hacktivists disrupt Russian websites, initiate Distributed Denial of Service (DDoS) attacks, and try to protect Ukrainian IT resources.
While most hackers don’t disclose their identities, not everyone is careful enough to protect them, for example by hiding their IP address.
As a result, those on the receiving end of hacktivism can trace where attacks came from and strike back.
If they believe your business was involved, you could end up in their crosshairs.
With much of the world currently supporting Ukraine, companies operating inside or with Russia face employee backlash – including insider threat hacking.
Shortly after the invasion began, the Conti Ransomware gang issued a statement expressing full support of the Russian government. Additionally, the gang vowed to devote resources to strike back at anti-Russian enemies.
Only a few days later, Ukrainian members of the Conti gang leaked two years of internal Conti communications.
Conti is one of the world’s most successful ransomware gangs, with over 700 multi-million-dollar victims including Nokia, JVCKenwood, and Ireland’s Department of Health.
Suddenly, their hiring practices, ‘employee’ pay, organizational structure, and internal goals were all made public.
Though not every organization is staffed by technical experts capable of such heavy corporate damage, you need to remember that those within your company have all the technical permissions necessary to act maliciously.
To offset this risk, your organization should maintain the following best practices:
- Limit access as necessary to perform designated work
- Isolate data through network segmentation, user groups, or password-protected resources
- Encrypt data at rest and in transit
- Segregate users into user groups with appropriate baseline access
- Monitor networks, firewalls, and data for large-scale copying, deletion, or movement of information
For larger organizations, advanced tools such as User and Entity Behavior Analytics (UEBA) or Data Loss Prevention (DLP) solutions can be used for additional monitoring.
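The following added example, which is not part of the original article, applies the monitoring item above to file-audit records: it flags any user whose copy, delete, or move activity inside a sliding time window exceeds an event-count or byte threshold. The log format, thresholds, user names, and sample records are assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

BULK_ACTIONS = {"copy", "delete", "move"}  # the actions the checklist says to watch

def parse_line(line):
    # Hypothetical audit format: ISO time|user|action|path|bytes
    ts, user, action, path, size = line.strip().split("|")
    return datetime.fromisoformat(ts), user, action, path, int(size)

def detect_bulk_activity(lines, window=timedelta(minutes=10),
                         max_events=25, max_bytes=500_000_000):
    """Return {user: details} for the first window in which a user exceeds
    either threshold. Thresholds are illustrative; tune them per user group."""
    recent = defaultdict(deque)  # user -> (timestamp, bytes) inside the window
    alerts = {}
    for ts, user, action, _path, size in sorted(
            parse_line(l) for l in lines if l.strip()):
        if action not in BULK_ACTIONS:
            continue
        q = recent[user]
        q.append((ts, size))
        while ts - q[0][0] > window:   # drop events older than the window
            q.popleft()
        total = sum(b for _, b in q)
        if user not in alerts and (len(q) > max_events or total > max_bytes):
            alerts[user] = {"first_alert": ts, "events": len(q), "bytes": total}
    return alerts

def build_sample():
    # Constructed data: alice works normally, bob copies 40 HR files in
    # about three minutes, carol only reads.
    start = datetime(2022, 3, 1, 9, 0, 0)
    lines = [f"{(start + timedelta(minutes=20 * i)).isoformat()}|alice|copy|"
             f"/finance/report{i}.xlsx|200000" for i in range(5)]
    lines += [f"{(start + timedelta(seconds=5 * i)).isoformat()}|bob|copy|"
              f"/hr/records/{i}.pdf|1000000" for i in range(40)]
    lines.append(f"{start.isoformat()}|carol|read|/eng/spec.docx|50000")
    return lines

if __name__ == "__main__":
    for user, info in detect_bulk_activity(build_sample()).items():
        print(user, info["first_alert"].isoformat(), info["events"], info["bytes"])
```

Per-user windows keep one busy account from masking another, and the byte threshold catches a single very large transfer that the event count would miss.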
Many organizations normally have nothing to do with Russia.
But can you guarantee none of your employees are among the 400,000 hackers helping Ukraine?
What about their family members, who share your employees’ home network or remote-work Wi-Fi?
Can you guarantee they aren’t pro-Ukrainian hacktivists?
While the risk for most businesses is low, it’s far from certain.
And, it should be weighed against the enormous resources Russia can devote to cyberattacks.
- Released a new malware tool targeting pro-Ukrainian hacktivists.
- Appears to be targeting US energy infrastructure.
- Has been linked to intermittent outages of the Global Navigation Satellite System.
Adding to the troubles, China was detected using state hackers to target the Ukrainian government.
So, will Ukrainian hacktivists go to cyberwar against China as well? What happens then?
How and when Russia or China decides to strike back at Western hacktivists is unknown.
And, there’s no way of knowing whether your business’s IP address or other identifying information could be exposed.
However, you can prepare by verifying your current security.
If your company doesn’t usually perform vulnerability scans and penetration testing, now is a good time to start.
Identifying major vulnerabilities now can stop damage before it ever happens.
Nobody can predict when you might come under attack by Russia, China, a hacktivist, or a cybercriminal.
Even if your business does nothing wrong, you could still find yourself in the crosshairs of an angry opponent.
It’s completely normal to be nervous and concerned about the prospects.
However, help is always available.
For an easy first step, contact Ideal Integrations at 412-349-6680, or complete a short note in the form below.
Our experts will set up a no-obligation meeting to explain options for checking for vulnerabilities, hardening security, and cybersecurity monitoring.
The customized list of options and prices, with as much or as little detail as desired, will help your organization withstand the security challenges of the future.