
The Emerging Threat of “CybeRevenge”

2015 March 22
by Jason Nairn, CPP, CISSP

Imagine…

You represent a large utility company, and your power plant discharges waste cooling water into local waterways.  An environmental group reports that your discharge water is contaminated, despite the fact that your testing shows it is within permitted parameters.  Local media picks up the story of reported contamination, and it is subsequently picked up by national media as a result of recent similar stories in West Virginia and elsewhere.  Officials with the state environmental department review your tests and test the water and sediment, finding no evidence of contamination.  They issue a press release stating that there is no evidence of contamination or inappropriate management of facility discharge, but this gets far less attention from the press.

A week after the negative press, a malicious computer virus infects your company’s networks.  A Stuxnet derivative, the virus impacts your SCADA network, causing equipment failures and ultimately customer outages.  The company estimates the damages at over $5 million.  A cyber hacktivist organization takes responsibility for the cyber attack, stating that the attack is in response to your company’s “corporate greed and disregard for the environment”.

Now imagine this…

Your local police department experiences an officer-involved shooting.  An ethnic minority member of your community is shot by a police officer in an altercation.  As the investigation into the incident gets underway, your city is hit with a cyber attack that disables the web servers for all city government departments.  City residents are unable to access government services, and city business is seriously restricted.  City and county police and fire agencies are impacted, putting officers at increased risk; 911 operations are impacted, putting residents at greater risk; and the costs are significant.

A cyber hacktivist organization takes responsibility for the attack, citing the shooting death “at the hands of the police”.

Both of these scenarios are examples of “Cyberevenge” attacks, where hackers target public or private agencies for perceived damage to interests that they purport to represent or support.  These punitive, extra-judicial attacks are not new, but they seem to be happening with greater frequency and with less concern for due process.  The latter of these two scenarios happened last week.

According to “Cyber Threats: Defining Terms” (2009), hacktivists’ primary tools have traditionally consisted of “website defacements and denial of service” attacks.  However, as internet-based hacktivist organizations become more coordinated and more advanced, more damaging attacks are likely.

Security professionals, now more than ever, need to be aware of their vulnerability to cyber attacks that result from negative press or unpopular announcements.  Both public and private organizations are vulnerable.  Given the continued trend toward greater risk to infrastructure systems from cyber attacks, public officials and critical infrastructure owners and operators should expect damaging cyberevenge attacks following negative press or media coverage of controversial issues.

Franklin D. Kramer, Stuart H. Starr, and Larry Wentz, eds.  “Cyber Threats: Defining Terms.” Cyberpower and National Security (2009).

 
