IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Hacktivism Against States Grows After Overturn of Roe v. Wade

State and local governments need to prepare and respond to a new round of cyber attacks coming from groups claiming to be protesting the Supreme Court overturning Roe v. Wade last Friday.

Protestors march in Los Angeles following leaked Supreme Court documents in May 2022.
Activists in Los Angeles protest leaked Supreme Court documents that would overturn Roe v. Wade in May 2022. The court ruled on the issue in June.
Shutterstock/Matt Gush
As both protests and celebrations accelerated over the weekend in cities across the country after the U.S. Supreme Court overturned Roe v. Wade on Friday, June 24, heated debates also surged on social media and numerous websites and other media.

But not all of the activity was peaceful or legal, both offline and online. Consider this LinkedIn report from Michael McLaughlin, a trusted cyber intelligence leader who I have interviewed in the past:

A ransomware group breached anti-abortion U.S. state governments to foment unrest in possible new front in Russia’s misalign influence campaign. SiegedSec, a ransomware group that came onto the scene coincidently days before Russia’s invasion of Ukraine has quickly progressed in lethality by increasing the group’s volume of victims announced in recent months.

Today, SiegedSec announced on its public Telegram board that it has breached the servers of the Arkansas and Kentucky state governments in response to the U.S. Supreme Court ruling overturning Roe v. Wade: “Time for some H4CKTIVISM!”

Like many, we are also pro-choice, one shouldn’t be denied access to abortion. As added pressure to the U.S. government, we have leaked many internal documents and files retrieved from Kentucky’s and Arkansas’ government server. These docs have plenty of employee PII and lots more.

“THE ATTACKS WILL CONTINUE! Our main targets are any pro-life entities, including government servers of the states with anti-abortion laws.”

ANALYSIS OF CYBER ATTACKS


At the time of writing this blog (Sunday afternoon, June 26), there has been no public verification of these cyber attacks by officials in Kentucky or Arkansas state governments. Nevertheless, given reliable sources for this information from the intelligence community, I have no doubt that these pronouncements are real. The extent of any data breaches remains to be seen, but I fully expect more cyber attacks to materialize in the days and weeks ahead.

As I have done for more than a decade, I encourage security leaders to turn to the Multi-State Information Sharing and Analysis Center (MS-ISAC), Cybersecurity and Infrastructure Security Agency (CISA) and the United States Computer Emergency Readiness Team (US-CERT) for additional details and guidance on alerts and information regarding ongoing cyber attacks.

You can get more information on this situation by reading DarkOwl’s spotlight of SiegedSec here: https://lnkd.in/gFdfjpgB

MORE BACKGROUND ON THIS HACKTIVISM ISSUE


No, this is not the first time something like this has happened regarding hacktivism, abortion rights and state governments. Last October, RollingStone magazine wrote this article: “A Pro-Choice Hacking Team Defaced the Texas GOP Website. So We DM’d Them.”

Here’s an excerpt:

For several hours on September 11th, 2021 — a little more than a week after the most restrictive abortion ban in the country went into effect — the Texas GOP’s website was plastered with an army of adorable, amphibious Pokémon. Scroll a little further down the home page and you would find a Rick Astley music video, a mission statement attributed to the “Republican Party of Fucking Over Women,” and a joke about U.S. Sen. Ted Cruz being the Zodiac Killer.

A button up top encouraging visitors to “Join Operation Jane” redirected to Twitter, where a splinter group of the hacktivist collective Anonymous were documenting guerilla efforts to push back against Texas’ six-week abortion ban. (Before targeting the Texas GOP, for instance, the group encouraged supporters to flood ProlifeWhistleblower.com — a site designed for users to anonymously inform on abortion providers violating S.B. 8 — with fake tips and Shrek porn.)

Other related articles include this one from Politico earlier this month: “‘Lock it down right now’: Abortion rights advocates prepare for a new wave of digital security threats.” Here’s an exceprt:

Abortion rights groups are using software that protects privacy and are honing other strategies to combat digital threats that they expect will worsen in a post-Roe world. …

The question is whether the tools and strategies abortion rights groups have developed will be enough for what advocates and cybersecurity specialists say is likely to become a more sophisticated and widespread surveillance operation in states that restrict abortion if the Supreme Court overturns Roe, as a draft opinion obtained by POLITICO indicates it plans to.

Abortion rights groups have for years faced anti-abortion activists shutting down their websites, stealing provider and patient information and using phone location data to advertise anti-abortion materials to people who visit family planning clinics. Prosecutors have also relied on online searches and patient data to inform abortion-related arrests.

FINAL THOUGHTS


I want to echo Michael McLaughlin’s thoughts that irrespective of your position on the recent Supreme Court decision, we must be vigilant and aware of foreign influence operations attempting to hijack this moment and further divide us as a nation. Before you “like” a post, share content or comment, please ask yourself whether the source is verifiable or a troll seeking to sow division.

Also, beware of attempts to mislead you. Misinformation and false assertions, which are rampant right now online, are coming from overseas enemies that want to stir up divisions in our country.

We must learn from the mistakes of the past few years which are full of fake news stories. State and local governments must take steps to protect our networks, systems and, most of all, our people from new cyber attacks. This CISA Shields Up website can also help.
Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist, keynote speaker and author.