Due to the increased availability of highly developed attack tools, enterprise class hardware and social media platforms that bring together like-minded individuals, hacktivism isn't merely on the rise but may actually be thriving. Ideological hacker collectives have been able to quickly mobilize forces and access the botnets and resources they need to launch sophisticated cyber attacks as a means of protest, exacting revenge, or distributing propaganda.
Because visibility is of the utmost importance to those who engage in hacktivism, prominent media outlets and popular Web services are increasingly finding themselves the victims of cybercrime, along with familiar targets like government agencies and financial institutions.
To make political statements or damage the reputation of companies, proponents of hacktivism use a variety of tactics to deface or block access to digital properties, conduct virtual sit-ins, and gather confidential information and intelligence. The strategies they most frequently use to compromise an organization's online presence include SQL injection attacks, brute force attacks, and distributed-denial-of-service (DDoS) attacks. Because DDoS applications like the Low Orbit Ion Cannon can be made available easily to interested groups and individuals, network attacks are easier than ever to initiate.
As hacktivism becomes commonplace, its followers gain experience and learn how to develop and carry out elaborate multi-vector attacks—adapting their tactics in real-time in response to the detection and mitigation efforts taken by network security officers. Therefore, enterprises under threat conditions— meaning any organization in possession of IT assets and dependent on an online presence—have to be proactive, swift, and flexible in handling possible attacks.
A major difficulty faced by enterprises is detecting and eliminating threats while maintaining business as usual. During an attack, IT personnel will be taken away from other critical projects, and the corporate IT infrastructure can suffer lasting, detrimental effects—not to mention the public relations nightmare that can ensue. Furthermore, although traditional on-premises security devices are a crucial means of protecting companies against hacktivism, such devices can fail to detect application-layer attacks and crumble in the face of outsized, massively distributed threats.
For organizations that cannot afford to expose their data and systems to hacktivism, Akamai offers proven expertise, the capabilities of our globally distributed Akamai Intelligent PlatformTM, and a multi-layered, always-on approach to web security.