Coming in somewhere around 20% of all cyber-attacks, hacktivism is on the rise, and nobody is safe. Just ask big names Sony Pictures, JP Morgan Chase and the American Broadcasting Network, all of whom have become victims of these socially motivated crimes. And given the emotionally charged political state in both the US and around the world, it’s only logical to assume this number will continue to climb.
So how can you protect your organization from a potential hacktivist attack? Here are seven proactive measures you can start taking today for a stronger defense tomorrow.
Don’t poke the bear.
Many hacktivist-driven cybersecurity attacks are inadvertently provoked by news that is released by the target, such as a press release, website content or social media post. Be mindful of the types of announcements and news you’re sharing to ensure none of the information contained within could be erroneously perceived as a threat or challenge to your would-be attackers.
Make sure your defense strategy is up to par.
It’s been said time and time again that the best defense is a good offense, and this is certainly true when it comes to cybersecurity – including hacktivism. You should be regularly auditing your monitoring systems and employing the best available automated incident response platform if you want to prevent potential breaches.
Secure your accounts.
Many hacktivism attacks occur when criminals obtain unauthorized access to a company’s systems and accounts, particularly social media profiles. The damage that can be done if someone unsavory were to take over your social accounts could be potentially devastating. Fortify your security measures by using strong passwords and requiring two-factor authentication.
Have a solid IR plan at the ready.
Beyond incident response from a technology standpoint, hacktivism adds a layer of complication in that it requires a more public-facing response than other types of cybersecurity issues. While the hope is you’ll never fall victim, the reality is there’s a good chance you will, so be prepared from a corporate communications/public relations standpoint. The quicker and more confidently you can respond, the less chance of serious fallout occurring.
Be forthcoming with affected parties.
Nobody wants to have to tell another business or group of customers that their sensitive data has been compromised – especially if it’s due to a misstep on your part, but having difficult conversations in light of a hacktivism attack is a necessary evil. In the event of a cybersecurity breach, confirm all the facts as quickly and accurately as possible, then develop a remediation strategy that can be immediately communicated to customers and partners that have been affected. The sooner you work to get things under control, the better.
Learn from your mistakes.
If you have become a victim of a hacktivist attack, you can take a negative situation and turn it into a positive by analyzing how your IR and remediation process actually played out. This can allow you to identify areas where improvements can and should be made and enable the development of best practices for dealing with such incidents in the future.
Last but not least, keep your ear to the ground and your fingers on the pulse of what’s happening in the world around you – particularly as your business pertains to things. Being alert and vigilant can help you recognize and proactively protect against potential risks.
Hacktivist attacks are increasing in both number and complexity. If you haven’t yet taken the right steps to strengthen your defense, you could be placing your organization in harm’s way. Check out these top 5 cybersecurity playbooks that you can employ and start automating your way to a safer company.