According to a recent news report, the FBI is warning law enforcement personnel about limiting their exposure on social media accounts. The article cites potential threats from hacktivists in relation to the recent Baltimore riots.
This story is an example of the evolution of hacktivism – the act of hacking for politically or socially motivated purposes. What had years ago been considered almost a benign activity, hacktivism is increasingly being used as a tool for terrorist groups and similar factions to spread propaganda.
Hacktivism as Assymetric Warfare
The Internet has always been a militarized environment where governments and other groups play out their agendas. After all, the tools for creating havoc are readily available online.
Commercial enterprises often find themselves as pawns in international disputes. Or they become collateral damage from attempts to disrupt the assets of opposing groups and beliefs.
The only real surprise is that so many commercial and government groups believe they are immune from cyber-warfare or think they are of no interest to warring parties. The truth is, everyone with an Internet connection operates on a shared resource. Therefore, you are subject to the many cyber attacks occurring every day.
The Internet also creates opportunities for parties of limited resources to conduct asymmetric warfare and create significant damage with little risk of reprisal. Groups bent on anarchism or the destruction of the status quo have significant capabilities within the online realm.
Defending Against Hacktivism
Both government and commercial enterprises can defend themselves from the actions of hacktivists. But it usually requires more focus and resources than many organizations are willing to provide. At least until they find themselves victims of a cyber attack. But even then, few organizations learn their lesson. Most are attacked and compromised repeatedly because they mistakenly believe that real cyber defense is impossible or impractical.
In some cases (i.e. Target, Sony Pictures and others), only after a change in management do we generally see organizations implement appropriate culture, process and technology to provide reasonable defense against cyber attacks.
Given how easy it is to obtain offensive cyber weapons, and how little consequence there is for their use, we may see some horrific outcomes in cyberspace along the lines of a cyber-Peal Harbor. Maybe then governments would be motivated to implement effective cyber security technologies, laws and policies.