Now that hacktivist groups have entered the fray supporting mass protests in Hong Kong, online attacks against organizations have escalated in a matter of days. As agents of the online hacktivist movement continue to target the websites of government, education, health, and other industries, what can web administrators do to prepare for them?
Indeed, the list of target sites is long and, for web admins, full of terrors. Thousands of emails, passwords, and files were reported to have already been leaked to various online forums. As far as the hackers are concerned, leaking sensitive data appear to be a priority. With online postings that detail steps and provide tools on how to perform web defacements, DDoS, and data breach attacks, do web administrators stand a chance?
To survive the blow of having to deal with hacktivist attacks, organizations should be able to answer yes to all these questions:
Did you update all your systems?
One basic step to avoid being exploited is by ensuring that all IT systems (OSs, applications, websites, etc.) are updated. Moreover, it makes a huge difference for companies if security systems are up-to-date and comprehensive. Security solutions should be able to detect attacks across various endpoints in real time.
For the longest time, spear phishing emails and social engineering methods have been used to gain entry into company sites and networks. Don’t fall for the same trick that have managed to fool thousands. Make sure relevant third party vendors know these too!
Do you have an incident response plan in case things go south?
Make sure incident response plans are transparent across all necessary parties. Make the plan comprehensive enough to cover a variety of scenarios, including DDoS attacks, web defacements, and data leaks. Also prepare well-reviewed public statements that you can use in case of an attack by a hacktivist group, a criminal, a nation state, an insider, or a terrorist.
Did you check if you’re already a victim?
Many hacktivist groups post a list of their target sites along with those they have already stolen data from. Check if your organization is on those lists by monitoring their posts, statements, and data dumps. If you’re not in any of these, continue monitoring in case of changes and review your networks for signs of breach or compromise.
We have learned from past incidents that the best time to prepare for hacktivist attacks is always now. Even as hackers announce the date of their attacks, these can’t always be trusted and can put vulnerable sites at risk. Always be ready even if your industry isn't being targeted, as even those out of the usual lists can be hit.
Like it? Add this infographic to your site: 1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).