What is Hacktivism?
Hacktivism provides an avenue for both experienced and nascent threat actors to feel active in a social, political, or controversial event. The question is if the activity is effective or does it fall short of accomplishing loose objectives that may or may not be aligned with a specific group or country. The events occurring in Israel now have been met with a response from pro-Palestinian and pro-Hamas hacktivists seeking to cause disruption. But that’s just it, most of the attacks are only disruptive in nature and do not cause harm or make a difference in the outcome of an issue. Tactics such as DDoS attacks or website defacements cause little damage to an organization or nation. Additionally, most critical websites are secured or have the capacity to defend against DDoS attacks. Other websites may be immune if you believe hackers have a conscience as they suggest and claim they will not attack a hospital website.
Yet, hacktivism is a very real phenomenon that cannot be ignored due to the ability of a group to crowd source attacks. Sometimes, a movement can become large enough and hit a soft enough target, the attack can be successful. The security industry loves to say the attacker only needs to be right once. One thing that hacktivism does is allow security researchers to learn a little more about a group’s motivations and potentially their source. Interestingly, the defacements can be a clue into a larger disinformation campaign. Each act leaves breadcrumbs to trace and investigate. So, while most attacks are disruptive, they expose the threat actors (especially if they are not very good at what they do). Companies do need to prepare for these types of attacks and understand that they may become a target of hacktivism if they are vocal in support of a cause. Hacktivism is a real tool that threat actors use as a first step in their process of targeting organizations and nations to spread disinformation.