Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Haxposure – threat of being exposed

Nick FitzGerald, Senior Research Fellow, ESET Asia Pacific | March 29, 2016
Nick FitzGerald of ESET Asia Pacific explains what is haxposure and why organisations should pay attention to it.

This leads us to believe that we can categorise such cases under a new level of hacktivism.

Hacktivism is the act of hacking, or breaking into a computer system, for a politically or socially motivated purpose. Of course, it is reasonable to argue that genuine hacktivism does not include specific demands, which attackers made in the case of Ashley Madison and Hacking Team. While these cases may not completely have moral ethics as their primary objectives, we can definitely draw some parallels.

Several factors have combined in recent years to increase the risk of these kinds of attacks, including the accessibility of hacking tools, online publication tools (WikiLeaks, Pastebin, etc.) along with the increasing reach of social media, which together contribute to the possibility of malicious cyber-attacks like haxposure. Similarly, as technology develops and more devices come online, cybercriminals have more opportunities than ever before to find their way onto the network.

The rise of haxposure in the future depends on several factors, including the extent to which organisations educate themselves about this threat and continue to take appropriate counter measures. Unfortunately, it is also possible that haxposure will be encouraged by risky corporate secrecy. Hackers who feel they have morality on their side and a right to act as arbiters of justice may feel inclined to seek out further secrets and expose them, potentially damaging innocent victims in the process.

It is vital for organisations to understand the implications of this kind of attack and do everything they can to get their security basics right, including having the right robust authentication, anti-malware and encryption solutions in place, as well as ensuring they have a reliable backup and disaster recovery plan. Having an insider threat monitoring system in place is also a plus, as in many cases, a trusted party has the ability to cause far more damage than an external attacker. By ensuring that you have your proverbial 'security ducks in a row', business owners will be able to fully embrace and appreciate the advantages that the web and connected technologies bring for business, while being safe in the knowledge that their staff, customers and assets are protected.

 

Previous Page  1  2 

Sign up for CIO Asia eNewsletters.