YoSoyJustin

Presidential election fallout in Venezuela increases likelihood of hacktivist activity

Target: Venezuelan organisations, particularly governmental and financial
Attack Vector: DDoS attacks, site defacement, data leaks. Also potential for SQL injection
Threat Actor: @YoSoyJustin
Summary: Venezuela has recently re-elected President Maduro to serve another 6-year term as head of state. Yet the appointment comes with much controversy as opposition parties, voters, and much of the international community allege the election to have been rigged, with low voter turnouts and limited opposition to the ruling party in Caracas, with many opposition leaders disqualified from the election.
The country has been in a state of turmoil since 2013, with the economy sharply dipping and dramatically increased poverty prompting protests over recent years. This has also been supported by hacktivist activity and the heightened tensions from the recent election and controversy are likely to provide fuel for further protests and hacktivist activity.
Risk assessment summary: This threat is assessed as 3d MODERATE. The Venezuelan people have seen their country collapse rapidly and dramatically since 2013, with very little action undertaken to appease them. Hyperinflation continues to exist with everyday goods still in short supply. This makes the continuation of protests in the Latin American nation extremely likely, and thus hacktivist activity is also likely to continue. The latter is more dependent on events on the ground, should there be another election or further unrest, it is almost certain further attacks will be observed.
The ability of @YoSoyJustin is also of particular note. The majority of attacks over the past two months have been data leaks and have yielded documents containing sensitive information as well as login credentials. The group have also been observed to delete company data as well as provide information for other threat actors on how to exploit vulnerabilities in websites.

Leave a Reply

Your email address will not be published. Required fields are marked *