10 Ways to Deal With Hacktivist Attacks

10 Ways to Deal With Hacktivist Attacks

10 Ways to Deal With Hacktivist Attacks10 Ways to Deal With Hacktivist Attacks

Hacktivists are not always looking for financial gain. They often exploit weaknesses so they can embarrass a company. Here are 10 tips for coping with attacks.

Don't Provoke Potential HackersDon’t Provoke Potential Hackers

Press releases about the advanced security of your organization run the risk of provoking hacktivists, so review social media posts, website content and press releases to be sure they can’t be perceived as a challenge to hackers.

Keep an Ear to the GroundKeep an Ear to the Ground

To ensure that your defenses, detection mechanisms and response capabilities are based on sound threat intelligence, monitor social media, discussion forums and the DarkNet. Partner with an organization with in-depth experience doing this.

Secure Your EnvironmentSecure Your Environment

Develop a mature security program. Perform regular penetration testing, in the form of Red Team and Blue Team exercises. Focus on attack patterns associated with hacktivism, such as data leaks, website defacement and social media account takeover.

Safeguard Social Media AccountsSafeguard Social Media Accounts

To secure your social media accounts, use two-factor authentication and strong, varied passwords, and train the staff members who manage social media in proper security awareness.

Protect Third-Party ServicesProtect Third-Party Services

An attacker doesn’t need to compromise vulnerabilities on your servers if he or she can compromise the account details for the admin panel used to manage the remote virtual environment. So address this issue with account security password best practices.

Prepare and Initiate Your IR PlanPrepare and Initiate Your IR Plan

Initiating an incident response (IR) procedure as quickly as possible will help effectively manage the incident. Depending on the type of incident, engaging with corporate communications, public relations firms and legal counsel early will help lessen wider fallout.

Scope and Triage the Incident QuicklyScope and Triage the Incident Quickly

Because the principal motivation for hacktivism is to cause disruption and embarrassment, it’s not uncommon for different attacks to occur simultaneously. To manage simultaneous yet distinct incidents, form multiple IR teams and pay extra attention to resource management.

Proactively Communicate With Affected PartiesProactively Communicate With Affected Parties

Quickly confirm facts related to a breach. Then develop a remediation strategy and communicate it to customers and partners to help mitigate the effect of the attack.

Think Carefully Before Engaging Law EnforcementThink Carefully Before Engaging Law Enforcement

Engaging law enforcement is a double-edged sword: The resources and assistance are generally welcome, but the objectives of law enforcement-led investigations may not align perfectly with your organization’s needs.

Engage Law Enforcement at the Right TimeEngage Law Enforcement at the Right Time

Quickly engaging law-enforcement sends a positive message to the affected parties, but the decision to do so should not be taken lightly because of legal and regulatory responsibilities.

Karen A. Frenkel
Karen A. Frenkel
Karen A. Frenkel is a contributor to CIO Insight. She covers cybersecurity topics such as digital transformation, vulnerabilities, phishing, malware, and information governance.

Get the Free Newsletter!

Subscribe to Daily Tech Insider for top news, trends, and analysis.

Latest Articles