<p>As the calendar turned to June and the nation continued to cope with the aftermath of the killing of George Floyd, the Minnesota Senate allegedly fell victim to the international hacktivist group Anonymous. On June 2, the Senate&rsquo;s servers were breached and passwords used by senators and staff were accessed, resulting in web pages going down. As noted in the Pioneer Press, &ldquo;In a tweet, the hacking movement Anonymous highlighted the hack, which appears to have included a defacement of a Senate web page showing an Anonymous calling card and saying &lsquo;Justice for George Floyd.&rsquo;&rdquo;<sup>1</sup> While it cannot be definitively determined whether this was really an Anonymous attack, it comes in the midst of a number of distributed denial of service (DDoS) attacks against Minnesota government web pages. Even as rioting recedes in the streets of Minneapolis and throughout the nation, cyber rioting and hacktivism will continue to be of concern.</p>
<p>&lsquo;Hacktivism&rsquo; can be defined as acts of cybercrime motivated by political or social causes. Anonymous is an international, decentralized hacktivist group that is being reenergized by the recent protests.<sup>2</sup> Since there is no clear leader to this group, new factions can be created very quickly and work together to enact largescale attacks. The social upheaval and widespread anger washing over our world fuels this group and makes it attractive to those who want to protest and riot from a distance, &ldquo;anonymously.&rdquo;</p>
<p>Threat actors tend to have financial gain as their primary motivator. Ransomware and phishing attacks are typically examples of money-driven cybercrime. Hacktivism is more personal, and the mindset of a hacker with a social or political agenda may have an impact on how an attack is conducted. Apart from the team effort that groups like Anonymous are able to marshal, hacktivist attacks may be more tenacious than your average cybercrime venture, and government entities may be particularly targeted.&nbsp;</p>
<p>The risks of a hacktivist attack are largely operational, as is evident by the recent attacks perpetrated in Minnesota. DDoS attacks seek to make a system or network unusable for a period of time by disrupting services to users. Government websites and data will most likely continue to be threatened by hacktivist groups, in addition to law enforcement agencies. Companies and organizations with government clients or contracts and individuals related to those involved in the tragic death of George Floyd may also encounter a greater number of cyber events.&nbsp;</p>
<p>As we continue to struggle with the ongoing limitations spawned by the coronavirus pandemic and compounded by the recent events calling for social reform and justice, it is important to consider how our clients and colleagues may be affected digitally as well as in &ldquo;real time.&rdquo; Staying apprised of best cybersecurity practices and keeping up with the current cyber landscape is important to ensuring the safety and efficiency of our digital spaces, especially as many of us continue to work remotely.&nbsp;</p>
<p>In closing, a lesson from the Minnesota Senate hacking: It is always wise to avoid having a &ldquo;Passwords File.&rdquo; Passwords stored in text files on network-connected devices contributed to the scope and severity of this breach. Regular backup policies, VPNS, avoiding public WiFi, and the general advice to &ldquo;slow down&rdquo; online in an effort to reduce the risk of falling prey to phishing attacks are all simple ways to mitigate cyberthreats. s</p>
<p><hr />
MARK LANTERMAN is CTO of Computer Forensic Services. A former member of the U.S. Secret Service Electronic Crimes Taskforce, Mark has 28 years of security/forensic experience and has testified in over 2,000 matters. He is a member of the MN Lawyers Professional Responsibility Board. &nbsp;</p>
<p><sup>1</sup> <em>https://www.twincities.com/2020/06/02/minnesota-senate-computers-hacked-passwords-file-accessed-web-pages-down/&nbsp;</em></p>
<p><sup>2</sup> <em>https://www.reuters.com/article/us-minneapolis-protests-anonymous/hackers-and-hucksters-reinvigorate-anonymous-brand-amid-protests-idUSKBN23A06I&nbsp;</em></p>
<p>&nbsp;</p>