The war in Ukraine has seen the emergence of highly disruptive cyber criminals, motivated less by money than ideology, writes analyst Manish Gohil in Cyber Defense Magazine.
These ‘hacktivists’ are actively targeting businesses to further their interests – those backing Moscow have been posing a threat to Western states as well as the operations and reputation of organisations. Corporate exposure to pro-Russia hacktivism is substantial. Yet it does not appear to be a priority concern for businesses, leaving them exposed to attacks in what is a rapidly evolving threat landscape.
Hacktivist groups, both current and past, have sought to cause nuisance and disruption to both governments and corporations, in line with their ideological goals. For example, we saw this last year with high-profile data breaches by an environmental hacker collective called ‘Guacamaya’, impacting national governments and militaries in Mexico and other parts of Latin America. Their tactics are not particularly sophisticated (typically involving website defacements and Distributed Denial of Service, or DDoS, attacks – that is, the flooding of target networks with an overwhelming amount of traffic). The operations are often timed to result in maximum disruption.
However, many corporate cyber teams do not appear to be looking at these threat groups as seriously as they should, putting their companies on the back foot, across a range of geographies. I argue that this stems from a limited understanding of the geopolitical and security landscape and the developments spawning these groups, as well as a weak grasp of how, when and why they operate, and who they are intent on pursuing.