Akamai recommends the following steps to prevent similar attacks:
- Place a transfer lock on your domain registration
- Be ready to delete or shut off any trusted third-party content on your sites, in the event they are compromised
- Be more vigilant monitoring the health (and existence!) of your websites
- Remind employees to be wary of social engineering and phishing attempts
- Ensure that key personnel is available and ready if a situation does arise
In addition to the SEA, we believe that other organizations will take advantage of the political situation and proximity to 9-11 to launch attacks.
Al-Qussam Cyber Fighters (QCF) have not attacked as expected during Operation Ababil phase IV, but they have been maintaining the Brobot botnet and recruiting new nodes. It is possible that the QCF will attack again in the next week, hoping to take advantage of the confusion of other attackers. The QCF is primarily interested in targeting financial institutions, banks and brokerages with volumetric DDOS attacks. Firms in this sector should be prepared for the possibility of attacks by the Brobot botnet.
Members of the Anonymous hacktivist collective are working to gather support among Muslim hackers for OpIsrael Reborn and threatening attacks on both Israeli and US websites.
Other attempts at widespread disruption by Anonymous in both OpIsrael and OpUSA had only minimal success with website defacements using cross-site scripting (XSS) and data exfiltration via SQL injection, but companies should be prepared for these kinds of attacks as well.
The confluence of the anniversary of 9-11 and the possibility of a declaration of US intervention in Syria makes next week an especially tempting one for hacktivists. Any organization with a web presence should make preparations to defend themselves from:
- Volumetric DDOS attacks
- Social engineering and phishing attacks
- Attacks via third party code
- Attacks on DNS infrastructure.