Cyber Monday: A Hacktivist’s Dream Come True?

So far this year has been astonishing for the “Named Attacks” by Hacktivists as illustrated in the chart below. In addition to these named attacks there are two additional attacks which are scheduled to take place over the coming days, one against and the other against (although the latter has been renounced by the ‘main faction’ of Anonymous).

So, the question which remains is which day of the year is the most optimum day for a Hacktivist attack? Of course, the answer is, perhaps, a different day for each potential targeted company, however we can make some generalizations which can lead us all into ‘more risky days’ or ‘less risky days’. Some of these obvious situations which make one’s site at an increased risk for outage are the following:

  • Routine Seasonal Business Increases
  • Successful Business Promotions / Sales
  • Robust Product Sets / Introductions
  • Recent news around a product or idea

Some less known, but equally as powerful conditions making a Hacktivist attack rife for success are as follows:

    • Poorly designed website – not taking information security availability risks into account
    • Non-resiliently designed network, application or operating system environments
    • Poorly designed defenses to security-related availability outages

Given this situation, a Hacktivist may conclude that generically the best day of the year to attack a “Named Victim” would be on Cyber Monday when cyber crowding, flash customer events, and poorly designed web environments will be overwhelmed by an attack which would have otherwise been able to be isolated and mitigated. Moreover, the attack would have the amplifying affect of causing economic hardship to the victim as they would have denied one of the best cyber-revenue generating days of the year!

[tabs slidertype=”left tabs” auto=”on”] [tabcontainer] [tabtext]2006-2007[/tabtext] [tabtext]2008[/tabtext] [tabtext]2009[/tabtext] [tabtext]2010[/tabtext] [tabtext]2011[/tabtext] [/tabcontainer] [tabcontent] [tab]

  • Habbo raids
  • Hal Turner raid
  • Chris Forcand arrest

[/tab] [tab]

  • Project Chanology
  • Epilepsy Foundation forum invasion
  • Defacement of SOHH and All HipHop websites

[/tab] [tab]

  • No Cussing Club
  • 2009 Iranian election protests
  • Operation Didgeridie

[/tab] [tab]

  • Operation Titstorm
  • Oregon Tea Party raid
  • Operations Payback, Avenge Assange, and Bradical
  • Operation Leakspin
  • Zimbabwe

[/tab] [tab]

  • Attack on Fine Gael website
  • Arab Spring Activities
  • Attack on HBGary Federal
  • Purported threat against the Westboro Baptist Church
  • 2011 Wisconsin protests
  • 2011 Bank of America document release
  • Operation Sony
  • Spanish Police
  • 2011 Indian Anti-corruption movement in cyber space
  • Operation Malaysia
  • Operation Orlando
  • Operation Intifada
  • Operation Tarmeggedon
  • Operation Anti-Security
  • Operation Facebook
  • Operation BART
  • Opposition to Los Zetas
  • Operation Invade Wall Street
  • Operation Toronto Stock Exchange (TSX)
  • Operation Dark Net

[/tab] [/tabcontent] [/tabs]

Carl Herberger

Carl is an IT security expert and responsible for Radware’s global security practice. With over a decade of experience, he began his career working at the Pentagon evaluating computer security events affecting daily Air Force operations. Carl also managed critical operational intelligence for computer network attack programs to aid the National Security Council and Secretary of the Air Force with policy and budgetary defense. Carl writes about network security strategy, trends, and implementation.

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program


An Online Encyclopedia Of Cyberattack and Cybersecurity Terms

What is WAF?
What is DDoS?
Bot Detection
ARP Spoofing

Get Social

Connect with experts and join the conversation about Radware technologies.

Security Research Center