Most Hacktivists Just Looking For Attention: Report

A new security report reveals that most 'hacktivists' (or politically-motivated hackers) aren't looking to inflict long-term damage on their victims through cyberattacks. Instead, their primary goal is to draw attention to their own cause.

But that's not necessarily a good thing -- in fact, experts say it makes devising a foolproof security strategy extremely difficult.

"What we have seen with hacktivists is that attacking a website tends to be more about generating media coverage about their cause than it is about which site they targeted or what the impact was," says Michael Smith, incident response team director at computer security firm Akamai.

Are Hackers Attention Hogs?

In cases like the recent disabling of The New York Times website by The Syrian Electronic Army, Smith says the goal often has little to do with making money or even hurting the target -- instead, it's all about drawing media attention to the hackers' own cause. (Source: pcworld.com)

In the New York Times case, the idea was to arouse some kind of opposition to a military strike against the Assad Syrian government, which stands accused of using chemical weapons against its own people.

To take down The New York Times site, The Syrian Electronic Army focused its attention on the site's Domain Name System. Some hacktivists use weaknesses in DNS servers to redirect traffic away from a legitimate site and towards a fake page containing propaganda outlining a hackers' cause.

Time to Step Up DNS Defenses

To prevent these kinds of attacks from succeeding, security experts like Danny McPherson, chief security officer at VeriSign, say it's time IT administrators focus on improving DNS defenses.

That could involve a technology called DNS Security Extensions, which provides additional authentication systems in order to prevent hacker takeovers.

But not even DNS Security Extensions can be considered a 'silver bullet'. McPherson says "there are a lot of components" for websites to consider when protecting against cyberattacks. "It's all about layered defense," McPherson added. (Source: gcn.com)

For his part, Smith also acknowledges that a multilayered protection strategy is important because it's difficult to predict how hackers will approach each operation.

"The key thing to remember is that individual vulnerabilities may be different, but the attacker won't always pick the easiest or least risky way to achieve their goals," Smith said. (Source: pcworld.com)