I was changing the channels this weekend and landed on the local news. Before moving on, I happened to catch two “local” stories: 1. Citizen’s Bank, a fairly large regional bank based here in New England was experiencing a Distributed Denial of Service (DDOS) attack. A group of Iranian hackers called the Martyr Izz ad-Din al-Qassam Cyber Fighters claimed responsibility. 2. The hacktivist group Anonymous hacked the website of the U.S. Sentencing Commission, (www.ussc.gov) to protest the prosecution and eventual suicide of Aaron Swartz. Website defacement and DDOS attacks are nothing new but they have grown in numbers and sophistication over the past few years. In fact, hacktivism may represent a more pervasive type of threat than cyber crime or state sponsored cyber espionage. If someone doesn’t like you or your organization, or your firm is engaged in some unpopular activity, you are more likely to suffer a cyber attack than ever. This situation will only get worse as hacking meets globalization. For the most part, information security professionals understand this threat. In a recent ESG Research survey, 46% of security professionals claimed that political hacktivists posed the greatest cybersecurity threat to their organizations – more than organized crime, cyber espionage, or foreign governments. Like it or not, hacktivism is a new form of political protest that could come from anyone or anywhere in the world. As a result of this reality: 1. Cybersecurity impacts organizations of all shapes and sizes. The bad guys know that regional banks and small organizations have fewer cybersecurity resources and skills than large shops. This makes these organizations attractive targets for cyber crime or hacktivist activities. As information security gets increasingly complex, these firms are likely to hand the keys to MSSPs like Dell, IBM, Symantec, or Verizon. 2. CISOs and security professionals should probably keep up with any “chatter” that directly or indirectly includes their organization, industry, product, or service. Remember that one news event could change increase risk on a moment’s notice. 3. The same thing goes for tracking company insiders – employees, contractors, even customers. I’m not suggesting an Orwellian response but someone should be paying attention to this; especially as it relates to IT professionals who may have an axe to grind. The local news here in Boston is paying more attention to cybersecurity. Hopefully, more information security professionals understand the ramifications here – pedestrian cybersecurity news probably means an increase in cybersecurity activity. As for the folks in Washington, they still don’t get it.
Hacktivism and commonplace security attacks are on the increase. What does this mean?
Sizing Up Symantec 4.0Next Post
Big Data Security Analytics or Big Data IT Analytics?
The FCC on Tuesday warned that it will no longer tolerate hotels, convention centers or others to...
Its cloud business is now half the size of Salesforce, and the gap is closing quickly.
Buyers of the earthly explanation for whatever fell from the sky in Roswell, N.M. back in 1947 are...
Sponsored by AT&T
Sponsored by Brocade
Amazon Web Services today launched a new product to its expansive service catalog in the cloud:...
Years in the making, network upgrade enables Florida county to improve services while saving a bundle
It wasn't just Apple's best quarter ever. It was the best quarter any company has ever had, ever.
Social Engineers work on multiple levels. The key to their success is to target human nature and...