Threat Intelligence Blog

Posted May 14, 2015


There are an estimated 200 million Instagram users, 284 million Twitter users, and more than 1 billion Facebook users. There will be more than 1.5 billion smartphone users by the end of this year. On the one hand, these numbers represent millions of new opportunities to engage with customers. From a security standpoint, however, these numbers can represent “a clear and present danger” to your business. Social media posts often give hacktivists the justification and support they’re looking for to launch online assaults against a variety of companies, often in the form of DDoS attacks.


For example, after someone shared a photo on social media of a weaponized Caterpillar bulldozer being used in the Israeli – Palestinian conflict to tear down housing, activists launched a DDoS attack on the manufacturer. A Google image search for “stop Caterpillar” returns many images of the company’s products being used in conflicts and hostile situations around the world,often illegally or without the company’s approval.

While this story may seem like isolated incident, it is not. In fact, there have been many similar cases where social media posts were used to fuel attacks and gain supporters. In another instance, a manufacturer of agricultural and forestry equipment faced DDoS attacks by anti-logging activists. During the World Cup, websites were brought down in protest against FIFA. Hacktivist groups attached themselves to the Olympics to align with various protest groups and gain the attention of international media and spectators. For example, one group launched DDoS attacks against banks that were financing the games.


While many organizations are caught off guard by DDoS attacks, monitoring for indications and warnings on social media and document sharing sites can often give your security team advance notice so you can better prepare against such attacks. You can also monitor for online images of your logos, physical buildings, or even executives to see if they’re being used by hacktivists to solicit support for a protest or DDoS attack.

The latest version of the Cyveillance Cyber Threat Center includes text- and image-based search. Content-based Image Retrieval (CBIR) mines the web for trademarks, logos, and images of executives and buildings, even if the images have been altered or do not include related keywords anywhere in the text. Contact us for your complimentary demo and trial of the Cyber Threat Center.

Additional Posts

Cyveillance Phishing Report: Top 20 Targets

  Phishing Report: Top 20 Targets Week of May 10-16, 2015 This week saw more than a 40% ...

LookingGlass Weekly Cyber Security Trends Report: May 12, 2015

  Welcome to the Cyveillance Weekly Cyber Security Trends Report Since threat intelligence is ...