Blended Threats: Protests! Hacking? Death Threats!?!

Our highly interconnected environment is increasingly facilitating blended threats and attacks. As defined many times in our blog posts, a Blended Threat is a natural, accidental, or purposeful physical or cyber danger that has or indicates the potential to have crossover impacts and harm life, information, operations, the environment, and/or property.

Illustrating how rapidly and dangerously this can play out in our world today, Sarah Coble (writing in Infosecurity Mag [@InfosecurityMag] on 12 Jun) reported, that the life of Jessica Hatch, a Houston business owner, was “threatened after cyber-criminals hacked into her company’s social media account and posted racist messages. The founder and CEO of Infinity Diagnostics Center said that her company’s Instagram account was compromised… by an unknown malicious hacker. After gaining access to the account, the threat actor uploaded multiple stories designed to paint Hatch and her business as racist.”

“Here at Infinity we do not support African Americans. If we kept them picking cotton we wouldn’t be having these issues with them” – one of the malicious posts

“We do not employ African American individuals. The things going on right now is a clear example that they do not know how to behave.” – another of the malicious posts

Following the posts, Coble writes that, “Hatch received a stream of hateful comments and death threats from misguided Instagram users who believed the vile comments had come from the business owner.” The complete post provides additional details and points to an insider threat incident. Coble closes, “Since the death threats were made, the Houston Police Department has been checking in on Hatch and the business. An investigation into the hack is ongoing.”

Highly-charged, emotional protests on the ground around the country, a possible insider threat leveraging social media to cause personal and reputational harm to a business (not quite a sophisticated threat actor, but, maybe they were wearing a hoodie so, there could be that…), subsequent physical threats made to the business owner… that’s a lot. A perhaps simple but still complex online attack, and a subsequent physical threat. What a powerful illustration of our blended threat environment, chock-full of associated security considerations… not least of which touch on the insider threat and supposed “hacking.”

If the “hacking” was conducted by a former employee, did they still have access to social media platforms? Why weren’t passwords changed? Why wasn’t two-step verification for Instagram set-up? Why aren’t those procedures captured in policies and procedures?

Our environment is not easy. Our threats may sometimes be simple, or they may be complex or blended threats, that pose challenges across two or more domains. Today we are:

  • Continuing in a pandemic and wrestling with associated physical and cyber threats and challenges
  • Starting hurricane season while contending with COVID-19
  • Experiencing global protests with some minor online antics

And a whole lot more…

The environment will not get simpler. Our risk management processes need to account for our complex and blended threat environment. Our preparedness and operational activities need to consider the several ways we may have to rapidly respond to an incident. And, for goodness’ sake… use two-step / two-factor / multi-factor authentication if at all possible, and when someone leaves, make sure they can’t access social media, email, or the cloud.

Be safe, friends.

Our team includes security updates in our free daily paper, the Gate 15 SUN., which presently includes abundant updates on the impacts and threats associated with the ongoing COVID-19 pandemic, U.S. and international protests, and other current threats, challenges and best practices across the all-hazards environment.