Posted by: Michael Morisy
Cloud security, Hacktivism, RSA, RSA 2011, Wikileaks
Prepping for RSA, my days this week have been jam-packed with pre-briefings. Most of the announcements I’ve come across have been rather ho-hum: Product line updates, new partnerships, sales goals completed (Got something more exciting? Drop me a line). But one thing that has come up again and again is a more widespread awareness of the dangers of politically or ideologically-motivated attackers, or “hacktivists.” Much of the interest is, of course, stemming from WikiLeaks‘ Cablegate release as well as the planned bank disclosures. But the halo affect has hit far beyond the central players involved: PayPal suffered disruptions, as did a security firm that helped root out the identities of Anonymous attackers.
Several analysts I’ve talked to have said that this awareness is going all the way up to the C-level, and that it brings some real measurable impacts in how attacks are carried out:
- For one, the attacks are not typically planned in the back channels that financially-driven attacks are, but often out in the open, in forums and Facebook.
- All press is bad press: One security-minded firm stated that companies are complaining that any mention in the major media is driving attacks.
- While the tools are often the same (DDoS attacks, data leakage), the participants are a different class, operating from both the inside and the outside in ways that opt more towards disruption and high-profile publicity rather than sustained effort.