So are ‘irresponsible use of AI’ and ‘ideological cyber warfare’. Here are a few sets of tips to keep organizations safe…

Imagine a cybersecurity scenario where attackers are determined not to even demand a ransom, and to leak stolen data directly to the Dark Web because the they have personal grudges against the victim corporation.

This could be the case with an incident involving cloud message app Slack. An activist group has claimed that it has stolen more than a terabyte of data from the internal messaging channels of Disney, the owner of the firm.

The threat group claiming responsibility in public had stated it was unhappy with the organization’s mishandling of artist rights and compensations, its approach to using AI, and “pretty blatant disregard for the consumer”. They had further claimed that they had targeted a user’s session cookies to gain access to the network. Hijacked browser cookies can be used for authentication as different user in a completely different browser session on another system. This allows attacks to bypass even multi-factor authentication (MFA) checkpoints.

Proactive cybersecurity is key
Where activism is involved, cyber threats can be even more destructive because the agenda involves not just money but vengeance.

In view of this, organizations not only have to mind their cybersecurity posture, but also their corporate values and behavior in sensitive areas where widespread activism is likely. According to Patrick Tiquet, Vice President, Security and Compliance, Keeper Security, “all organizations, regardless of size, (need) to adopt a proactive and comprehensive cybersecurity strategy to safeguard against potential breaches. With cybercriminals employing increasingly sophisticated and large-scale attacks, the stakes have never been higher.”

Tiquet has cited six key measures that can help business leaders mitigate breach risks and protect their organization’s sensitive data.

  1. Secure user credentials: Even this fundamental baseline security measure is hackable due to cookie hijacking. Organizations should therefore enforce password hygiene and implement MFA everywhere possible.
  2. Prioritize incident response planning: A well-structured plan ensures that if a breach occurs, the organization can quickly and effectively manage and mitigate its impact. This plan should be regularly updated and tested to identify and address any weaknesses. It should also be an integral part of the overall cybersecurity strategy, not an afterthought.
  3. Minimize data collection and enforce access controls: Limit data collection to only what is absolutely necessary for operations. Enforce strict access controls to ensure employees have temporary access to ONLY the data they need for their roles.
  4. Conduct cybersecurity training and develop a strong cyber culture: Employees are the first line of defence against cyber threats. Implement comprehensive cybersecurity training programs to equip employees with the knowledge and skills to recognize and respond to threats. Conduct frequent training sessions and phishing simulations to keep employees updated on the latest threats and best practices.
  5. Implement Zero Trust security and identity and access management: A policy of least access can prevent unauthorized privilege escalation. Use a Privileged Access Management or identity and access management platform.
  6. Strengthen security against third party vendors: Supply chain attacks illustrate how external vendors and partners could be a weak link used by attackers. To mitigate these risks, organizations should establish clear security requirements for vendors and insist on proof of robust security controls. Work with vendors that are SOC 2 Type 2 and ISO 27001 compliant or hold similar security certifications. Choose service levels that match your organization’s security needs, as many providers offer varying levels of security features.

Meanwhile, in the area of corporate social responsibility and business ethics, organizations may find themselves a target of activists or state-sponsored ideological attack groups. This is where keeping their eyes on diversity, equity and inclusion, and ESG best practices, is also crucial.

Finally, AI can be a controversial trigger now and in future due to its impact on people’s careers and personal lives. Organizations should therefore be keenly aware of the need for adopting Responsible AI in their DNA.