- Featured Columnists
- My Business
- Business Insurance
- Communications and Work Anywhere
- Customer Service
- Direct Selling
- Human Resources
- International Trade
- Legal Assistance
- Marketing, Advertising, and PR
- My Office
- Security and Fraud Protection
- Government Resources
- Selling Online
- Starting & Planning
- Travel Resources
- My Cash
- Women In Business
- Industry Solutions
- Social Media
- Calculators and Tools
- My Employee
|Share / Print / Sitemap|
Hacktivists Threaten to Target Law Enforcement Personnel and Public Officials
Law enforcement personnel and public officials may be at increased risk of being targeted by hacktivists. Hacking collectives are effective at leveraging open source, publicly available information identifying officers and public officials, their employers or associates, and their families. With this in mind, officers and public officials should be highly aware of their email account security and their online presence and exposure. For example, posting images wearing uniforms displaying name tags or listing their police department on social media sites can increase an officer's risk of being targeted or attacked.
Many legitimate online posts are linked directly to personal social media accounts. Law enforcement personnel and public officials need to maintain an enhanced awareness of the content they post and how it may reflect on themselves, their family, and their employer, or how it could be used against them in court or during online attacks.
In a recent threat, a threat actor typically contacts the Internet Service Provider (ISP) of the target, poses as an employee of the company, and requests details regarding the target's account. Utilizing these details, the caller then contacts the target's email provider, successfully provides answers to security questions established for the email account, and is granted a password reset for the account. Ultimately, the actor gains access to the victim’s email account and begins to harvest personal or other information.
Threat actors may also target law enforcement personnel and public officials through doxing. Doxing is the act of compiling and posting an individual's personal information without permission. The personal information gathered from social media and other Web sites could include home addresses, phone numbers, email addresses, passwords, and any other information used to target an individual during a cyber attack. The information is then posted on information-sharing Web sites with details suggesting why the individual should be targeted.
Recent activity suggests family members of public officials and law enforcement officers are also at risk for these types of targeting activity. Targeted information may include personally identifiable information and public information and pictures from social media Web sites.
While eliminating your exposure in the current digital age is nearly impossible, law enforcement officers and public officials can take steps to minimize their risk in the event they are targeted.