What Is Hacktivism? Cyberterrorism Concerns for Small Businesses

Summary: Small business networks are sometimes used by hacktivists and other cyberterrorists to gain access to larger infrastructure targets through connected networks or malicious insider threats. Learn about cyber warfare threats and the cyber defense solutions available to protect your SMB against these attacks.

When discussing cyber security, we tend to limit our discourse to how cyberattacks threaten our personal computers and business networks. However, cyber warfare exists on a far grander scale: it targets countries and states and involves espionage to gain a military or strategic benefit. What is cyber warfare? It is perilous, as it can infiltrate and sabotage critical networks. The goal is to disrupt a country or state. Small businesses sometimes become unwitting accomplices to these hacktivism and cyberterrorism attacks due to inadequate network cyber security. Some of the threats include:

• Sabotaging Infrastructure – These attacks focus on our power grids, telecommunication systems, traffic lights, water-processing plants, air traffic control, and other vital support systems.
• Hacking Banks and Credit Institutions – Imagine the panic we’d experience if people suddenly could not access their money. Further, think about the implications to the country if massive portions of our economy were frozen in place and funds were either stolen or inaccessible.
• Targeting Individuals – Cyber warfare encompasses an expansive geographical target landscape, but individuals in positions of power or influence can also be attacked. Once they are breached, the attack can spread to other high-level targets and to any organizations or municipalities they represent.
• Breaching National Security, Local Law Enforcement and the Military – There are military troops and national security installations all over the world. Communication, navigation and programmed, automated defenses could come under a cyber warfare attack, weakening a country’s military posture. At their worst, cyber warfare attacks can even cause physical harm to individuals.
• Launching of Large-Scale Data Breaches – Many governments and large corporations have already fallen victim to major data breaches. Data breach targets might include government classified documents, C-level corporate identities, trade secrets, financial institutions, credit cards, large companies and their employees, vendors and customers. Scary stuff, huh?

As real-world wars have offensive and defensive components, so does cyber warfare. Cyber warfare can be comprised of one or many separate cyberattacks. Here are some of the methods used to launch cyber warfare:

• Viruses, Worms and Other Malware – These are not your father’s computer viruses. Public utilities can be infected with malicious code that can spread between networks throughout our most critical connections and cause them to falter or fail altogether.
• Ransomware – Ransomware is a type of malware that is increasingly popular with cybercriminals. It’s bad enough for an SMB to face a ransomware attack. But envision all of the possible consequences of holding hostage a country’s most critical data and networks – such as the electrical grid for New York – for ransom. At this level, the ransom requests could be enormous and might be used to finance future attacks.
• Corporate and National Espionage – Skilled hackers steal confidential information to sell to other bad actors or to expand their own criminal activities. Even computer networks thought to be highly secure can still be hacked in some way. Stealing credentials, installing spyware to monitor activities and breaching private data are all part of cyber warfare.
• Massive Distribution of Misinformation – Digital propaganda and all kinds of misinformation can pollute a country's media, including television, radio, podcasts, print publications and reprints, social networking platforms and anywhere else false information can be spread. In this instance, the goal is to subvert the target country by affecting public opinion and undermining public trust.
• DDoS Attacks – DDoS (distributed denial of service) attacks use a botnet (a network of malicious code embedded and hidden on devices) to blitz and overwhelm websites by sending many fake requests in a short period of time, making it necessary for the sites to be taken offline.

What is Cyberterrorism? Avoid Becoming an Accomplice

Wikipedia (https://en.wikipedia.org/wiki/Cyberterrorism) defines cyberterrorism as “…the use of the Internet to conduct violent acts that result in, or threaten, the loss of life or significant bodily harm, in order to achieve political or ideological gains through threat or intimidation. Acts of deliberate, large-scale disruption of computer networks, especially of personal computers attached to the Internet utilizing tools such as computer viruses, computer worms, phishing, malicious software, hardware methods, programming scripts can all be forms of internet terrorism.”

Surprisingly, many of the worst cyberattacks come from users within the affected network. Inside jobs can be instigated by members of organizations, companies, municipalities and government agencies. Either intentionally or by accident, insiders are often the sneakiest threats or weakest links in network security. Many attacks are launched by whistle-blowers, data leakers and hacktivists whose goal is to divulge sensitive data to bring about change. Small businesses must think about what cyberterrorism is and how their business network might inadvertently contribute to an attack.

Hacktivism: Monitor Employee Communications Regularly

The word hacktivism comes from combining hacking and activism. Hacktivism applies digital hacking techniques to break into computer systems for social causes. It is used for political or social purposes to make ideological statements, issue threats or make demands. These hacktivists may access targets through connected networks or supply partners. A hacktivist in your employ may use company devices for communication of their hacktivist agenda. Cyber security professionals can help with secure device and firewall settings, email filtering and employee security monitoring solutions.

What is Cyber Warfare? Preparing for the Possibility

Governments and large companies spend a lot of money on top-of-the-line cyber security tools, processes and protocols, as well as dedicated IT security expert staff. Vigilance is imperative in protecting against cyber warfare.

However, SMBs and individual users do not have the monetary resources for a dedicated team to apply advanced cyber security solutions. Therefore, outsourcing cyber security is a more cost-effective approach. After performing a cyber risk analysis, IT security professionals can install many defensive tools such as advanced antivirus software with monitoring, VPNs, endpoint protection software and other robust protection measures. They can also train your staff and create documented security protocols to get everyone on the same page and tighten any weak links.

Cybercrime is never going away, and cyber warfare is gaining momentum. However, by installing advanced software, keeping your system up to date, training employees and regularly monitoring your network security, you can transform your computer network into a far less attractive target for cybercriminals.