Experts predict that we can expect an increasing number of hacktivist attacks this year. Although the past few years have seen only sporadic hacktivist activity, from a number of actors, most notably the Anonymous collective, but this is set to change.

However, Russia’s full-scale invasion of Ukraine last year has seen hacktivism rear its head in a massive way, with groups on both sides of the conflict trying to cripple state entities, media outlets, and even private companies with increasingly destructive attacks.

2023 will be no different, except that this new wave of hacktivism, which has a wide range of levels and resources, is expected to employ a variety of new tactics and approaches that will see the lines between hacktivism and state-sponsored attacks start to blur.

So what is hacktivism? Made up by combining the words ‘hack’ and ‘activism’, hacktivism is the act of hacking, or breaching a computer system, for ideological purposes, be they politically or socially motivated. An individual who commits an act of hacktivism is said to be a hacktivist. These individuals carry out a range of attacks, from defacing a company’s website, to leaking that entity’s information. Their goal is to a message through their activities and gain momentum and visibility for whichever cause they are espousing.

According to Alex Gostev, Chief Technology Expert at Kaspersky, the history of hacktivism has transformed through its adolescence, when it was a civil movement within the active part of the hacking community. “After the first significant actions by hacktivists over a decade ago, government entities realised hacktivism’s potential and how it could be used for their own purposes. The current surge of hacktivism is supported and directed by different countries according to their goals, yet many hacktivists believe they act as independent actors.”

However, Gostev says this is not the case, and using hacktivists in this way will only increase in the future. “It is convenient since they can be assigned tasks that need to be public but should not be attributed to state structures. As a result, we will face a situation where any hacktivist cyberattack should be perceived and analysed just like a targeted attack by professionals in government service or highly organised cybercrime. Simultaneously, with the exponential increase in the number of such attacks, it threatens to create an unprecedented level of difficulty for the opposing side, cybersecurity. This, in turn, should lead to a constant elevation of knowledge levels and methodologies for rapidly training new personnel.”

Recently formed cyber security company Trellix, also released a series of predictions recently, detailing how hacktivists have the power to cripple not only organisations, but entire verticals, industries, and even economies.

Driven by tensions from opposing political factions, such as Russia and Ukraine, or China and Taiwan, the company predicted a surge in geopolitically motivated attacks across Asia and Europe, as well as a renewed interest in supply chain attacks.

The company also forecasts that geopolitical factors will continue to be a high motivation for misinformation campaigns as well as cyber attacks that are timed with aggressive military activity.

Moreover, these groups of people who are tenuously and loosely organised and driven by propaganda with a strong believe in a common cause, will up the ante and use more and more cyber tools to voice their rage and wreak havoc around the world.

Skeletons will begin falling out of the software closet too, as bad actors and security practitioners will intensify their study of underlying software frameworks and libraries, which will result in an increase in the number of attacks targeting software supply chains.

The organisation also believes that we will see a surge in activity by teenage cyber criminals. These young adults will begin engaging at higher levels in cyber crime, ranging from large-scale attacks on enterprises and governments to low-level crimes that target individuals.

Furthermore, the outsourcing of malware authoring and operation, the diversification in the development of malicious tools, and the use of leaked source code will make attribution of attacks to specific threat actors or criminal groups, increasingly difficult.

This is just the tip of the iceberg, we can expect weaponised phishing attacks, an increased used of deepfake technology, and even the hacking of satellites and other space assets. It’s a scary picture.

According to Accenture, up to 40% of cybersecurity attacks are now occurring indirectly through the supply chain. Supply chain attacks may not yet be as common as traditional attack vectors, but their complexity and impact is significantly higher. SolarWinds still dominates the headlines, and more ongoing attacks like this one will undoubtedly emerge in the near future.

So what can we do to spot and stop supply chain attacks? Familiarise yourself with a proven set of essential procedures, tools and technologies, contract requirements and general awareness proven to minimize risk.

This training also incorporates key steps to build your SC&TP Cyber Security Monitoring Framework, and uses different practical and problem-solving tasks to aid understanding of the learning content covered.