<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=2975524&amp;fmt=gif">
Skip to content

Visibility Solutions

Garland Technology is committed to educating the benefits of having a strong foundation of network visibility and access. By providing this insight we protect the security of data across your network and beyond.

Resources

Garland Technology's resource library offers free use of white papers, eBooks, use cases, infographics, data sheets, video demos and more.

Blog

The TAP into Technology blog provides the latest news and insights on network access and visibility, including: network security, network monitoring and appliance connectivity and guest blogs from Industry experts and technology partners

Partners

Our extensive technology partnership ecosystem solves critical problems when it comes to network security, monitoring, application analysis, forensics and packet inspection.

Company

Garland Technology is dedicated to high standards in quality and reliability, while delivering the greatest economical solutions for enterprise, service providers, and government agencies worldwide.

Contact

Whether you are ready to make a network TAP your foundation of visibility or just have questions, please contact us. Ask us about the Garland Difference!

Hacktivism: Should it Really be on Your Radar in 2015?

Back in 2012, Verizon labeled 2011 as the year of the hacktivist, as 58% of all data stolen was the result of hacktivism attacks. Attention seems to have shifted to cybercrime at the enterprise level, but CISOs must stay alert to hacktivism.

The truth is that hacktivism attacks are growing larger every year and all companies are susceptible.

What are the Numbers Saying?

Cybercrime is often separated from hacktivism in terms of security threats. Studies found that in late 2014, cybercrime accounted for 70.8% of attacks while hacktivism came in at 18.1%. Despite a lower percentage, hacktivism is still a major concern. Hackers have become more powerful, upping their ability to flood enterprise networks from 100Gbps in 2011 to upwards of 400Gbps in 2014.

HacktivismAlthough some of the biggest hacktivism collectives are dying, major entities are rising in the interim. In an effort to spread a public message, hacktivist groups like ISIS and the Syrian Electronic Army target governmental figures and departments. However, hacktivists can target any industry or company, and if you think you’re immune, take a look at some of these high profile victims:

  • Sony Pictures: In 2014, suspected North Korean hacktivist group Guardians of Peace (GOP) breached Sony, allegedly because of greedy and criminal business practices.
  • JP Morgan Chase: Bloomberg reports that Russian hackers attacked the financial institution and the FBI has investigated whether or not it was in response to government sanctions imposed on the country.
  • TV5Monde: Hackers claiming allegiance to Islamic State kept the French-language broadcaster off the air for the better part of a day and took control of the station’s website and social media outlets.
  • American Public Broadcasting Station: Back in 2011, hacktivist group LulzSec attacked PBS, stealing scores of user data and posting fake stories to the website. This was expected to be in defense of the WikiLeaks scandal and its supporters.

Hacktivism is considered to be a cyber attack with political of social undertones. Although governmental messages are involved, there is no telling what entity will actually be attacked. The unpredictability of these cause-driven attackers makes it essential for CISOs to be prepared.

The Distributed Denial of Service Nightmare

Hacktivism attacks aren’t just after financial gains or customer data. Publicity is a major goal because of the social message attackers are trying to convey. Distributed denial of service (DDoS) attacks are the key vehicle for hacktivists to get their message across.

HacktivismAs mobile devices and apps grow increasingly important to businesses of all sizes, hackers are finding ways to exploit endpoint weaknesses. Because of the growing amount of public-facing applications, hackers can steal user credentials, get into the enterprise cloud and steal any amount of corporate data. With hacktivism, the threat goes even deeper.

Once a hacktivist has gained access to user credentials, they can deploy malware into the system with phishing. The malware spreads throughout the network, using bots to steal more login information until the hacker has a litany of endpoints to attack with. Controlling so many user accounts allows hacktivists to flood weak targets with massive amounts of packets until the site or system crashes.

DDoS attacks are some of the most dangerous threats in the cybersecurity landscape. Costing approximately $40,000 per hour, CISOs can’t afford to fall behind on hacktivist DDoS security.

How to Avoid a Hacktivism Disaster

Studies show that user devices factor into 82% of web app attacks and 95% of DDoS attacks involve credentials that were stolen from the users themselves. It’s clear that protecting endpoints is an essential start to defending your organization from hacktivists.

Identity access management is key to hacktivism security. Information Age reports that “if you are not already using multi-factor authentication, then start using this, at least for sensitive applications and those that are public-facing.” Total control of mobile endpoints isn’t 100% feasible, but CISOs must do everything they can to prevent phishing attacks that may lead to the dangerous DDoS attacks that hacktivists conduct.

One thing that IT can control is network design. It’s not enough to just deploy a firewall and threat detection solutions hope that it protects you from every attack – you need to be sure that your defenses are set up to work the heavy load conditions generated by DDoS attacks. That means architecting a solution that includes system redundancy and load balancing of traffic across all appliances. As attacks become more sophisticated and targeted, it is critical that companies eliminate known weaknesses as quickly as possible.

Download, How to Determine Your Baseline Traffic, by Tim O'Neill, for a step-by-step guide with typical measurements and screen shots.

 

Written by Chris Bihary

Chris Bihary, CEO and Co-founder of Garland Technology, has been in the network performance industry for over 20 years. Bihary has established collaborative partnerships with technology companies to complement product performance and security through the integration of network TAP visibility.

Authors

Topics

Sign Up for Blog Updates