Due to the increased availability of highly developed attack tools, enterprise class hardware and social media platforms that bring together like-minded individuals, hacktivism isn't merely on the rise but may actually be thriving. Ideological hacker collectives have been able to quickly mobilize forces and access the botnets and resources they need to launch sophisticated cyber attacks as a means of protest, exacting revenge, or distributing propaganda.
Hacktivism: Targets, Tactics and Strategies
Because visibility is of the utmost importance to those who engage in hacktivism, prominent media outlets and popular Web services are increasingly finding themselves the victims of cybercrime, along with familiar targets like government agencies and financial institutions.
To make political statements or damage the reputation of companies, proponents of hacktivism use a variety of tactics to deface or block access to digital properties, conduct virtual sit-ins, and gather confidential information and intelligence. The strategies they most frequently use to compromise an organization's online presence include SQL injection attacks, brute force attacks, and distributed-denial-of-service (DDoS) attacks. Because DDoS applications like the Low Orbit Ion Cannon can be made available easily to interested groups and individuals, network attacks are easier than ever to initiate.
How Organizations Can Overcome the Threat Proposed by Hacktivism
As hacktivism becomes commonplace, its followers gain experience and learn how to develop and carry out elaborate multi-vector attacks—adapting their tactics in real-time in response to the detection and mitigation efforts taken by network security officers. Therefore, enterprises under threat conditions— meaning any organization in possession of IT assets and dependent on an online presence—have to be proactive, swift, and flexible in handling possible attacks.
A major difficulty faced by enterprises is detecting and eliminating threats while maintaining business as usual. During an attack, IT personnel will be taken away from other critical projects, and the corporate IT infrastructure can suffer lasting, detrimental effects—not to mention the public relations nightmare that can ensue. Furthermore, although traditional on-premises security devices are a crucial means of protecting companies against hacktivism, such devices can fail to detect application-layer attacks and crumble in the face of outsized, massively distributed threats.
For organizations that cannot afford to expose their data and systems to hacktivism, Akamai offers proven expertise, the capabilities of our globally distributed Akamai Intelligent PlatformTM, and a multi-layered, always-on approach to web security.
- Deployed in distributed locations across the Akamai global content distribution network, our Kona Web Application Firewall detects and blocks potential attacks in HTTP and HTTPS traffic, mitigating application-layer threats within the Akamai platform before they reach your data center.
- Our DDoS prevention service, Kona Site Defender, continuously inspects both the application layer and the network layer, absorbing or deflecting the most common types of cyber attack while ensuring the availability and performance of your Web site.
Learn more about how these and other Akamai Cloud Security Solutions can protect your company's IT assets from hacktivism.