Hacktivism, as practiced under the name Anonymous, is about publicrelations opportunism and any organisation could become a target ifa political rationale can be retro-fitted to the attack, accordingto a leading web security researcher. "In hacktivism it's all about the PR impact," Tal Be'ery, websecurity research team leader at Imperva's Application DefenseCenter (ADC), told CSO Online. "It doesn't matter to the presswhether a really significant site was taken down, DDoSed orwhatever. It's all about being successful, no matter what." From a PR point of view, the specifics of how the hacktivistaffects the target don't matter. Whatever happens, the hack willgenerate media coverage for the cause. Nor does it matter specifically who the target is. Be'ery reckonsthe targets are chosen opportunistically, based on a wide searchfor vulnerable sites. "Sometimes you find the target first, and then come up with thecause or a [justification for] the cause to be relevant," hesaid although he was reluctant to generalise about motives. "There are many groups out there doing hacktivism, and it's notlike you have to get a license," he said. However it does seem that the hacktivists prefer a real hack over aDDoS. "We believe that DDoS is the last resort of the hacker, because ifthe hacker can do a real hack on the server... to steal the data ordeface the site, then it's the preferable mode of operation becauseyou need less resources in order to do it," Be'ery said. "We can prove it over specific cases we've seen that only when theattackers were not successful in hacking the site using a webapplication vulnerability then they went to the DDoS option,because ultimately DDoS doesn't need any vulnerability really inorder to be successful. You just have to create enough traffic inorder to take the site down and jam the connection or otherresources." Be'ery was reluctant to identify those specific cases, saying onlythat Imperva's team has monitored Anonymous' attacks unfolding inreal time within the last twelve months through their clients'networks as well as their own honeypot array. A DDoS significantly increases the visibility and exposure of theattackers as they recruit hundreds or thousands of participants,using familiar Web 2.0 tools like Facebook pages, Twitter accounts,YouTube movies and blogs. "Having some kind of Google Alert from the defending side point ofview is a smart thing to do," Be'ery said. Be'ery will be presenting further findings from his team's research at the AusCERT information security conference later this month. Contact Stilgherrian ator follow him onTwitter at @stilgherrian Follow @CSO_Australia and sign up to the CSO Australia newsletter . We are high quality suppliers, our products such as China Hair Coloring Tools , China Round Hair Brush for oversee buyer. To know more, please visits Hair Salon Cape.
Related Articles -
China Hair Coloring Tools, China Round Hair Brush,
|