All you ardent PC Magazine readers already know that our magazine now has a new and redesigned presence online. However, the website is still under beta testing, as we add new and exciting features into it. And putting anything under ‘beta testing mode’ means new security holes can pop up anytime, anywhere.
So, it didn’t come to me as a surprise, when my colleague Hatim Kantawalla messaged me the other day, saying that our website PCMag-MidEast.com had gotten hacked. I quickly logged onto the website to assess the damage – all the headlines of each entry (reviews, news and so on) were changed to “Hacked by” statements.
I copied the name of the hacker and Googled it out. Google threw up umpteen search results suggesting that the damage done was a handiwork of some politically influenced activists. Apparently more than 100 websites from the UAE region, including the website of a daily newspaper and key Arab government, university and company websites were hacked.
According to news reports the Iranian hacking team, which called itself ‘Mafia Hacking Team’, said that the hacking exercise was conducted to protest the change of the name of ‘Persian Gulf’ into 'Arabian Gulf’. Apart from PC Magazine’s website, other prominent regional websites hacked by the group included UAE's al-Khaleej newspaper, Arab League Gulf, Iraq's Higher Education Ministry, UAE's Abu Dhabi Police Office, Saudi Arabia's Mayadin University, UAE's People's Board, and Oman's Gas Company.
I believe Hacktivism is soon building itself as the new form of Cyberterrorism. Formed by combining ‘hack’ with ‘activism,’ hacktivism is the act of hacking into a website or computer system in order to communicate a politically or socially motivated message.
Unlike a malicious hacker, who may disrupt a system for financial gain or out of a desire to cause harm, the hacktivist performs the same kinds of disruptive actions (such as a Denial of Service attack) in order to draw attention to a cause. For the hacktivist, it is an internet-enabled way to practice civil disobedience and protest, in order to advance political causes.
Hacktivism indeed is becoming a disturbing trend, and one which can have serious ripple effects that interfere with internet operational continuity — sometimes in ways which we may have not even thought of yet. The availability of social networks and 'hacktivist' tools do contribute to both increasing number of attacks and their effectiveness.
Most professionals that closely follow politically motivated computer crimes and hacktivism believe there has been a steady increase in activity for several years, with ups and downs following political events in the real world (such as Olympic protests, Israeli-Palestinian conflicts, and so on).
These attacks purely demonstrate not only the viability of online attacks to support the political agendas of the antagonists; they show that in the virtual world, third parties thousands of miles away from the conflict and not directly involved could become protagonists or victims of the online skirmishes.
Such instances allow countries or organisations to insert their agenda into the situation with minimal chance of detection. In such as scenario, corporations around the world need to understand the unnecessary threat posed to their organisations by individuals and groups with political agendas.
Hence you might want to rethink the IT security policies of your organisation with utmost care. First you need to determine if your organisation is a potential target of such attacks. Next, perform regular formal risk assessments. Develop comprehensive incident response plans and test them regularly. Analyse your network infrastructure and perform regular scans for malicious activities. By doing so, you can at least keep security holes at bay. Remember, prevention is always better than cure.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment