X

Commentary: Hacktivism misses the target

Poorly aimed attacks could hurt the United States as it tries to develop allies, and actions could hurt U.S. computer systems by using them to stage attacks against foreign systems.

2 min read
By Richard Mogull, Gartner Analyst

An unfortunate response to the tragic events of Sept. 11 is the pursuit of criminal activity in the name of patriotism.

See news story:
Hackers divided over response to terrorism

"Hacktivism" can hurt the United States as it tries to develop allies. For example, hacktivists may attack Islamic-related sites in Pakistan, a country that is helping the United States to address terrorism. The attacks could jeopardize Pakistani relations by promoting bad feeling against the United States in that country.

Hackers could compromise U.S. systems or those of its allies in the process of staging attacks against foreign systems. Cybercriminals routinely abuse systems to stage their attacks. Systems unrelated to the terrorist attacks will likely be used as staging points for cracking and for distributed denial of service and other attacks.

Simply put, hacktivists are immature vandals who use tragedy to justify the illegal activity they already practice. They may think they are furthering the interests of the United States, but their activities are not beneficial.

Cybercrime, criminal activity for financial gain, is also expected to rise as true criminals attempt to take advantage of perceived uncertainties within U.S. financial systems. Some criminals will exploit every opportunity for personal gain at the expense of others.

Cyberterrorism--computer crime designed to cause loss of life or property for a political goal--will likely take place as terrorists perceive that the United States has lowered its security posture. It may also be timed with U.S. retaliatory actions as a form of revenge. U.S. infrastructure will likely be in danger, and the targets will likely include financial institutions, infrastructure elements and any organizations associated with the U.S. economy (such as utility, telecommunications, online-trading and e-commerce companies). Gartner also expects combined cyber and real-world attacks designed to disrupt communications or relief efforts during another physical attack.

Companies should use this time to re-evaluate their security plans, making sure procedures are in place and are strong. Incident response teams should be placed on alert and should identify areas of vulnerability. Criminals will take advantage of any security hole they can find. Organizations engaging in online business, relief efforts or national infrastructure should heighten their security.

Hacktivists should halt all activities and allow the U.S. government to respond to its enemies. This is a time for solidarity, not vigilantism.

(For a related commentary on security measures, see Gartner.com.)

Entire contents, Copyright © 2001 Gartner, Inc. All rights reserved. The information contained herein represents Gartner's initial commentary and analysis and has been obtained from sources believed to be reliable. Positions taken are subject to change as more information becomes available and further analysis is undertaken. Gartner disclaims all warranties as to the accuracy, completeness or adequacy of the information. Gartner shall have no liability for errors, omissions or inadequacies in the information contained herein or for interpretations thereof.