Earlier this month, the whole world tuned in as France faced a national tragedy when the satirical magazine Charlie Hebdo lost 12 of its cartoonists in a terrorist attack. Talk of terrorism, freedom of speech, and the affects of these actions on the rest of the Muslim community flooded the Internet accompanied with the hashtag #jesuischarlie—a hashtag used to show solidarity with the victims of the attack and support for freedom of speech.
What appears to have been largely unnoticed by the public are the 19,000 websites that were hacked immediately following the mayhem caused by the physical attacks at Charlie Hebdo. According to Admiral Arnaud Coustilliere, the French military’s head of cyberdefence, this rush of cyber-attacks has never been seen by a single country at one time.
While some experts believe that the attacks were seemingly unsophisticated, other sources give more credit to the hackers and the dangers they presented. Regardless of whether the hacks were sophisticated or not, the correlation between the physical terrorism and the cyberterrorism is real, and introduces new and serious security questions to governments and organizations worldwide. The correlation between street terrorism and cyberterrorism is real enough that users need to be aware of increased vulnerabilities during times of terror—specifically social engineering and careless security practices.
Increased Social Engineering
Social engineering attacks are one of the reasons that the Internet and personal data become more susceptible during times of global tragedy or terror. Social engineering does not rely on any technical vulnerabilities, but instead takes advantage of the psychological and emotional vulnerabilities of Internet users.
As writer Maria Korolov pointed out, during the Charlie Hebdo attack hackers used the popular hashtag #jesuischarlie (and other related images) to catch the attention of global readers who were anxiously searching for information on the attack. These global readers, many of them not speaking French, became more susceptible to downloading malware simply because they let their guard down in attempt to find out information about the attack.
Don’t let your guard down—even, and especially, in times of terror. No matter how rushed you are to find out information, continue to use smart security practices by only gathering your information and downloading files from trusted sources.
Increased Attacks on Vulnerable Sites
As this Telegraph article on France’s recent cyber-attacks points out, there was no specific group of targeted websites. The hackers attacked all sorts of websites, from “military regiments to pizza shops.” Because the attacks were so varied and not pointed at any isolated group, it’s safe to assume that hackers were simply searching for websites that lacked good security—no matter what the content contained.
Just as the hacked websites varied, so did the hackers. Some of the hackers were related to jihadist groups attempting to expand Al-Qaeda propaganda. However, many of these hackers were just piggybacking on the acts of physical terrorism as a way to attack businesses while they were weak and distracted.
This one is simple: don’t wait for a crisis to get your security up-to-date. When your security is weak, you become an easy target for hackers; and like the recent Hebdo attacks show, nobody—not even a pizza chain—is immune to these vulnerabilities. All companies, including small businesses and non-technical companies, need to invest in good security in order to earn and keep the trust of their clients. Securing your customers’ data with a high-assurance SSL Certificate from a trusted Certificate Authority like DigiCert will significantly decrease your chances of losing your clients’ trust in these sorts of mass hacking attacks.
Whether or not your website has been recently hacked, you can implement smart security measures today and avoid becoming a casualty in an act of terror.