Are you protected against hacktivists?

When I was Utah's CIO, we were preparing for the Salt Lake City Olympics. One of the IT-related issues was protecting State of Utah network assets from attacks by people who might want to use the publicity of the games to make a political or social statement. We definitely noticed an increase in activity--and we took steps to counter it. Still, what we faced in 2002 doesn't compare to what small groups of determined individuals can do today.

What's changed the game? Botnets. We were definitely worried about denial of service attacks, but the scale of the attacks that likely threats could mount was limited by the size of the resources that they controlled. Now, as the junk pouring into your mailbox testifies, there are a number of groups who control large armies of compromised computers--all connected to broadband--who are willing to sell the use of their botnet to anyone willing to pay.

An excellent article at NetworkWorld talks about the recent attacks against the Estonian government and what they may portend for others. The potential targets extend well beyond government computers and networks. Corporate networks are also at risk from those interested in making a statement.

Botnets allow small numbers of people to control vast network resources. At present those resources seem to be mostly focused on activities that generate income, but there's no reason they couldn't be turned against your organization. A domain I own was recently the target of a distributed email dictionary attack from a botnet. What was the motive? I'll probably never know, but it wasn't fun to clean up.

Is there anything your company does that others might not like? Probably. If the physical security folks in your company are worried about protesters and other activists, then you should be assessing the risk to your networks from those same--and similarly aligned--groups. NetworkWorld has a list of ten steps you can take to prepare. You're probably doing most of these already; pay attention to those you're not.