Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Hacktivism. Show all posts
ICRC
Cyber Security Cyberwarfare Hacktivism Humanitarian law ICRC

ICRC issues new rules for hacktivists in war zones: What you need to know


How to be a responsible hacktivist in times of war

Hacktivism, the use of hacking skills for political or social causes, has become a common phenomenon in the digital age. Hacktivists can launch cyberattacks against governments, corporations, or other entities that they perceive as oppressive, corrupt, or unjust. However, hacktivism can also have unintended consequences, especially when it involves civilian hackers participating in armed conflicts.

The risks of patriotic hacking

Patriotic hacking is a form of hacktivism that aims to support one's country or group in a conflict. Patriotic hackers can target the enemy's websites, networks, or infrastructure, or they can leak sensitive information, spread propaganda, or disrupt communications. Patriotic hacking can be seen as a form of cyber warfare, but it is often done without the authorization or coordination of the official military or government.

This can pose serious risks for both the hackers and the victims. Hackers can expose themselves to legal prosecution, retaliation, or espionage from the enemy. They can also cause collateral damage to innocent bystanders, such as civilians, journalists, humanitarian workers, or neutral parties. Moreover, they can escalate the conflict or undermine the peace efforts by provoking the enemy or violating international law.

The rules of engagement for hacktivists

To address these risks and to protect civilians in cyberspace, the International Committee of the Red Cross (ICRC) has published a new set of rules of engagement for hacktivists involved in conflicts. The rules are based on the existing principles of humanitarian law, such as distinction, proportionality, necessity, and precaution. The rules aim to provide guidance and advice for hacktivists on how to conduct their activities in a responsible and ethical manner.

Some of the main rules are:

- Hacktivists should not target civilians or civilian objects, such as hospitals, schools, or media outlets.

- Hacktivists should not cause excessive harm or suffering to the enemy or to the environment.

- Hacktivists should respect the sovereignty and neutrality of other states and avoid interfering with their affairs.

- Hacktivists should not use malicious software or techniques that can spread uncontrollably or unpredictably.

- Hacktivists should not conceal their identity or impersonate others.

- Hacktivists should not cooperate with armed groups or state actors that violate humanitarian law.

The reactions of hacking groups

The ICRC's initiative has received mixed reactions from different hacking groups. Some groups have welcomed the rules and expressed their willingness to comply with them. They have recognized the importance of respecting human rights and international law in cyberspace. They have also appreciated the ICRC's recognition of hacktivism as a legitimate form of expression and activism.

However, some groups have rejected the rules and questioned their legitimacy and applicability. They have argued that the rules are unrealistic, impractical, or biased. They have also claimed that the rules are an attempt to restrict their freedom and autonomy. They have asserted that they will continue to hack according to their own principles and objectives.



Read more »
Vulnerability and Exploits.
Credit Card Fraud Crypto Theft Cyber Fraud Hacktivism Law Enforcement Malicious actor Ransomware Attacks. Vulnerability and Exploits.

Hacktivists Embrace Cybercrime Tactics for Funding

Hacktivism, the fusion of hacking and activism, has become an increasingly prevalent form of online protest and advocacy. While hacktivists are driven by social or political motivations, it is crucial to understand that some of these individuals or groups fund their operations through methods commonly associated with cybercrime. Recent research has shed light on this intriguing intersection between hacktivism and cybercrime, revealing how these hacktivists leverage tactics typically associated with malicious cyber actors to finance their endeavors.

According to a report by Kela, a cybersecurity intelligence firm, hacktivists have been exploring avenues beyond traditional donations to secure the resources they need. The report highlights instances where hacktivist groups engage in activities such as ransomware attacks, cryptocurrency theft, and credit card fraud. These illicit activities provide them with a substantial financial influx, enabling them to sustain and amplify their campaigns.

One alarming example involves the deployment of ransomware by certain hacktivist factions. By encrypting valuable data and demanding ransom payments, these groups not only fund their endeavors but also attract attention to their causes through the media coverage generated by such attacks. This fusion of monetary gain and ideological motivation blurs the lines between hacktivism and cybercrime, leaving security experts and law enforcement agencies grappling with multifaceted challenges.

Cybersecurity news sources note that hacktivists have started using strategies frequently used by cybercriminals, taking advantage of the same flaws in software and systems. This confluence of techniques not only makes identification more difficult, but also emphasizes the need for an all-encompassing response to these changing threats.

The line between hacktivists and hackers has become increasingly complex in light of these developments. The intentions behind these efforts are essential in separating hacktivist behavior from that of malicious hackers. While hacktivists aim to advance social or political causes, their strategies are becoming more and more like those of cyber criminals.

It is crucial that cybersecurity experts, policymakers, and society at large handle these new concerns as the digital landscape continues to change. A nuanced viewpoint is crucial, as Dr. Jane Mitchell, a cybersecurity expert, emphasizes: "Formulating effective strategies that balance security concerns with the legitimate grievances that hacktivist groups frequently spotlight is essential."

Digital activism has undergone a substantial change as a result of the fusion of hacktivism and criminal strategies. Now using standard cybercrime techniques to fund their operations, hacktivist groups were largely concentrated on ideological campaigns. 

Read more »
ThreatCloud AI
Check Point Cyber Attacks Cyber space Hacktivism Russia-Ukraine War ThreatCloud AI

'Cyber Battlefield' Map Shows Attacks Being Played in Real Time


A live map is all set to monitor cyberattacks around the globe as the conflict in Ukraine fuels a 'significant surge' in hostile activity.

Apparently, the technology utilizes intelligence gathered from a high-end AI-powered system – ThreatCloud AI.

The maps shows countries and companies that are particularly targeted with cyber incidents like malware attacks, phishing or exploitation.

How are Cyber Activities Impacted by the War According to a US-Israeli cyber security firm, Check Point, cyber activities have increased at an alarming rate in the past 17 months, reason being the Ukraine war.

Over the previous six months, the UK was attacked 854 times on average every week. As of May 2023, ransomware attacks have a negative effect on one out of every 77 organizations in the country.

According to Muhammad Yahya Patel, lead security engineer and evangelist for Check Point, “The threat landscape has continued to evolve in sync with the digital world as we are more connected to the internet than ever before. This has led to multi-vector cyberattacks and well thought out campaigns by criminals who want to cause maximum damage to organizations[…]Sometimes they use advanced tools and methods, while other times it’s a simple method like getting someone to click a link in an email."

Moreover, the UK has been suffering an online conflict as a group of hackers, have targeted prominent British organizations, frequently with links to the Kremlin that are either verified or rumored.

“Hacktivism has played a much bigger role globally with several state-sponsored groups and cyber criminals actively fighting a war in cyberspace[…]We had the Ukrainian government taking an unprecedented step by using a Telegram channel to call for international volunteers to help fight the cyber war by joining the “IT Army of Ukraine,” Patel said.

In regards to the Russia based group Killnet, Patel says, ”This is a properly established group with organizational structure and hierarchy. As an organised operation this group have been carrying out disruptive attacks to gain more attention and have recently targeted NATO.”

ThreadCloud AI

The ThreatCloud AI system continuously scans the environment and develops defenses against the numerous and diverse kinds of assaults. The creators provide customers with what they call a "comprehensive prevention-first architecture," which is appropriate for various devices, networks, and systems.

This live ‘battleground’ was presented at the Midland Fraud Forum’s annual conference in Birmingham last week as a segment informing audience regarding the various threats and methods to prevent them.

The multinational company based in Tel Aviv found that the ransomware operators have become more ruthless with their tactics to profit from victims.

One of the recent cases was when the University of Manchester suffered a cyber attack last month, where allegedly the students’ confidential data was compromised. In response, the university claimed that a ‘small proportion of data’ was copied and that ‘it had written directly to those individuals who may have been affected.’

Looking at the current scenarios, universities in the UK seems to have found themselves in the frontline of the ever developing threat landscape at a level greater than any other country.

In regards to this, Patel comments, ”The attacks against the education and research sector are highly concerning because this is higher than what we are seeing globally in this industry[…]It raises questions about what the UK is doing specifically for this sector to help it have a better cyber security baseline as I like to call it.”  

Read more »
Subscribe to: Posts (Atom)