On 4th August 2015, an eight-minute video posted by hacktivist group Anonymous Malaysia, threatening the Malaysian government and the Prime Minister was posted online. The video showcased the group declaring an “all-out Internet warfare” towards the Malaysian Anti-corruption Commission (MACC), police , along with another 150 web portals that the group “strategically” selected. The group warned that the cyberattack would be carried out during the Bersih 4.0 demonstrations on 29 August 29 till 30 August from 6PM to 5PM. Paul Oliveria, Technical Communications Manager, TrendLabs would like to enlighten Malaysians on what Anonymous Attack is and what can we do to protect ourselves. This type of threat of an attack from hacktivists like Anonymous is not new; for the past several years, we have seen attacks that have been carried out on various topics, and to varying degrees of success. Trend Micro recently published an online article that provides a brief history and timeline of notable hacktivist activities here. As such, companies and organizations should learn from these past incidents and prepare for possible hactivist attacks. Since these attacks can cause disturbances that can disrupt operations, organizations must, among other things, make sure to update all IT systems, operating systems, applications, and websites regularly. It also helps to collect and study anomalies in network activity to help mitigate threats. They should also, apply appropriate technical controls and properly educate the staff to maintain a “human firewall.” Hacktivist attacks usually go for public-facing infrastructure of their targets (e.g., websites) as these are the most “visual” ones that can easily be spotted. These include distributed denial of service (DDoS) attacks and website defacements. Another type that we have seen have something to do with leak/release of documents/information as another way to damage the reputation of the target. We shared a series of papers last year that discussed some best practices shared by our researchers on how organizations can protect themselves against targeted attacks. Essentially there are four steps: 1. Secure network infrastructure 2. Protect sensitive data 3. Build an incident response team 4. Build threat intelligence
