IT security experts like to say: There are basically two types of organizations when it comes to hacking: Those that have been hacked and know it, and those that have been hacked and don’t know it.
More and more attention is being paid to all types of hacking — foreign government sponsored, black hat and white hat. The indictment of Matthew Keys (for assisting the hacking collective Anonymous on an attack against the LA Times) is a recent example of the US Department of Justice action. Keys faces up to 10 years in prison and a $250,000 fine on each count; an indication that the DOJ is taking this case seriously. Today, the New York Times reported that many legal specialists and observers are upset by the severity of the consequences Mr. Keys faces and are petitioning for an overhaul of the fraud act.
PR professionals need to work closely with IT and organization security professionals on what and when to discuss hacking. In addition, PR needs to help lead other crisis response and prevention efforts such as what to say or do following social media comments and attacks. The speed at which bad news, rumors and allegations can go viral requires closer collaboration between physical, virtual and reputation protectors.
Among the measures that can be taken to improve response time is a crisis simulation that combines a table top exercise with social media/hacking issues. CommCore’s Pressure Test is designed to help clients, spot issues, decide who needs to be part of a response team and then make better decisions.
We’ll watch the Keys trial for both the verdict and any insights on how and why Anonymous executes its attacks.