The evolving nature of hacktivism
by Rob Rachwald - DIrector of Seurity Strategy at Imperva - Monday, 13 August 2012.
A recent Anonymous video admits that theyíve been fairly quiet lately. From an American and Western European perspective, this is somewhat true. In 2010, Anonymous built a reputation with Operation Payback. Since then, there have been various campaigns that have been global in natureósuch as the DDoS attack that followed the closure of Megaupload.

From a global perspective, the video isnít completely correct. Since then, Anonymousí activity has become regional in nature. Like soccer, every culture or nation brings their own twist such as the Spanish passing game, the German set piece or Brazilian flexibility. For Anonymous, the process and objective remain pretty much the same: DDoS attacks and data theft. In some special cases, there are more focused attacks designed to deface or steal targeted information such as Anonymousí theft and exposure of Syrian government files and emails.

What does the present-day Anonymous look like? There are two emerging groups.

Group #1: Global

The group has a global presence which only occasionally embarks on a campaign. Typically, these campaigns, such as the attack on the Syrian government, is reactive. There is a simple patter: incident, response. The Syrian hack sticks out because of its visibility, but there are more examples:
  • Anonymous hackers aided a global search for a cyber-vandal who defaced a charity website
  • Anonymous DDoSed a French company who tried to register the Anonymous motto.
But note that these incidents are reactive to an incident. By contrast, there have been hardly any proactive attacks. For example, one planned attack which was conceived in the Netherlands, Operation NewSon, never occurred. The objective: attack the wealthiest, biggest companies worldwide. According to the web page promoting the attack, they wished to:

"attack several high corporate entities. Shortly after the start of the operation, we plan to release precious classified data on the already set out list of targets we do have. Those targets are none other then the ones who ultimately rule: the high revenue making companies of the world. While attacking the major companies of 8this planet may seem lulzy, we also wish that this operation make a difference."

Though it attracted some attention, this campaign never got off the ground.

Group #2: Regional

The local versions, by contrast, are much more proactive. No incident required to invoke a response. For the best examples, letís go to Latin America. In Brazil, Argentina and Mexico there have been numerous attacks that did not react to any specific incident. Rather, the idea was attack for the sake of attack. Though we canít give precise numbers since itís very difficult to follow activity globally, but it seems quite clear that this category of attacks is much higher by volume. In Brazil Anonymous attacked several major Brazilian government agencies, two major airlines and recently took down most government agencies in Rio. In Argentina, where several attacks took down banks and government agencies as well.

What are the lessons?
  • Anonymous may be quieter, but only in your region.
  • Anonymous is much more active in developing countries, where presumably there is a larger pool of politically motivated hacktivists.
  • Watch out for incidents that can spark a global response.

Spotlight

Whitepaper: Zero Trust approach to network security

Posted on 20 November 2014.  |  Zero Trust is an alternative security model that addresses the shortcomings of failing perimeter-centric strategies by removing the assumption of trust.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Nov 21st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //