Are hacktivism cyber attacks being under - reported?
Seven UK data breaches and cyber attacks reported in July including the claimed take down of Brimingham and London City airport websites by two Russian hacktivist groups.
Of course this isn’t new and Russian hacktivist groups have been fairly active recently. However a point of interest about these incidents is that the airports themselves have reported them as IT issues rather than cyber attacks. Given they were both denial of services attacks, involving no personal data, there was of course no requirement to notify under GDPR. This leads to two possible scenarios.
Either UserSec and Anonymous Russia are opportunistically claiming IT incidents as cyber attacks, which is certainly possible though not very glorious Russia! Or these two businesses are both publicly downplaying the incidents. On the balance of things the latter seems far more likely.
So given this is it possible that UK business are downplaying hacktivism attacks? Again very possibly, though of course we will never know. The net result could be much more hacktivism activity than we are currently aware of.
So what does this mean? Well for starters if you have not considered hacktivism as a threat until now then perhaps it’s time to carry out some further analysis. Parameters to consider should include your industry, any geopolitical connections to your business through partnerships and trade, and any public political commentary from your leadership team. And secondly you should keep an eye out for hacktivist threat intel and monitor how the tactics, techniques and procedures (TTPs) develop over time. These should be added into threat modelling and defensive strategies if appropriate.
To find out how we collate this information, please follow this link.
Scroll down to see the full list of cyber attacks and data breaches.
Visit our cyber attacks and data breaches UK homepage for the full historical list.
Bob Nicolson | Head of Consultancy