Hacktivism threat to regional governments is getting worse

Hacktivism is on the rise but government can be proactive in cyber defence, writes Nicolai Soling of Help AG

Tags: Cyber crimeHacktivismhelp AG (www.helpag.com/)
  • E-Mail
Hacktivism threat to regional governments is getting worse Soling: Hacktivists have access to more powerful tools, and more government targets to choose from than ever before.
By  Nicolai Sollig Published  November 22, 2016

Hacktivism is no new threat to the cyber community in the Middle East. Two of the world’s most notorious hacktivist groups claim roots in the region and on-going political and social turmoil have made this a hotbed for such activities. Late last year, OpDjibouti started to sweep over the UAE with a target list of more than 200 government entities as well as a number of private organisations operating in the country.

And it is not over yet as other targets under the codenames OpUAE, OpSaudi, OpBahrain etc. are publishing daily target lists which the attackers can then paste into their attack tools to automate attacks. In fact, the attackers have run their campaign with a tagline: “DDoS 10 minutes a day to keep the troubles away”.

Historically this form of attack has been focused around governments, as targeting the public sector has proved to be an effective means to garner media attention. Worse still, we are now seeing offshoots of basic hacktivism such as state funded hacktivism and even cyber terrorism — both of which are harder to combat and far more damaging.

Why the threat will worsen

A prominent factor in the increasing scale of hacktivism is that any government organisation today depends on IT to operate — with functions varying from being able to interact with citizens and business partners, down to controlling how their internal operations and processes run.

Furthermore, as a web-presence is today an integral part of any organisation’s brand, there is a great deal of embarrassment and brand damage associated with such attacks. With Smart Government initiatives rapidly taking off across the Middle East, the impact of hacktivism, and consequently the motivation to carry out attacks, is far more pronounced.

Why the explosion of Hacktivism is not just bad

One of the positive side-effects of hacktivism exploding is that the spread of the attacks becomes thinner. If we go back just a few years, the target lists would have had just one or two sites on them, which meant all the attackers would aim their guns at a single organisation. This meant that the attack load became much bigger for that individual entity, consquently making it much harded to manage the attack.

Today, with the exponential growth in the number of attacks and target lists, the attacks have been spread more thinly, and to some extent there is also a notion that some of the attackers may become a bit ‘battle fatigued’ from keeping up with all of the target lists being published and the repeated rounds of attacks. One needs to remember that the attacker is not necessarily a professional hacker or cybercriminal, but someone who is doing this part-time as a show of political support.

However, what is also happening is that the firepower which is available to the attacker is becoming bigger as computing power evolves. Today cyber criminals can rent DDoS environments which can create problems even for a large organisation. Many of these environments are located in public cloud environments, so taking them down or blocking their traffic can be extremely difficult without impacting other legitimate environments running in the same public cloud.

Combating Hacktivism

When talking about hacktivism, one must understand that it is not a lost battle, and there is a lot you can do to make sure that your organisation is not an easy target. By making your agency harder to target, you will ultimately be less likely to be impacted as there will always be someone else out there, who attackers would rather target. You simply want to make sure you do not become a low hanging fruit, which will be picked first.

The first step is really to ensure that the defences are correctly deployed, which means understanding if you are vulnerable, and evaluating how robust you are to the attack methods a hacktivist will usually be utilizing. As an example, understanding the type of devices connecting to your website or application is a great first step, which not only makes the attack much more difficult, but also saves you the hassle of having to identify attacks in your applications, as the attack is already dropped.

The next step is to understand if you have vulnerabilities, which may be exploited by attackers to upload backdoors or deface your website by placing a political message on your landing page. If you are unable to establish this yourself, you need to work with professionals to figure out if you are a target. At Help AG, we employ a team of ethical hackers, who utilize their technical skills to assess and exploit customer’s environments in order to be able to report and fix the vulnerabilities before a hacktivist can do the same.

But it is also about looking out for the unknown. As good as you may be at identifying the vulnerability, you may still be a target.

As an example, consider a defacement attack — how many organisations have measures in place to respond within seconds — not minutes or hours — to their online presence being taken over by attackers? Sadly, though the threat is very real, most public sector organisations do very little to protect what is essentially a major touch point for their agency. Services such as Help AG’s cloud-based Co-ordinated Threat Mitigation (CTM) are available and these continuously monitor the state of a website, and in case an unauthorized change of the site takes place, automatically replaces the malicious content or redirects traffic.

Given how easy it is to procure cyber weapons and how little risk there is to their use, cyber criminals are bound to increase their usage of hacktivism as a means to voice political frustration. As regional governments increase their online engagement with citizens and their digital footprint, so the scope of hacktivism will grow. With the right strategies in place however, you can protect your agency from becoming just another ‘anonymous’ statistic.

Nicolai Soling is Director of Technology Services at Help AG.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code