To stop attacks against your company, have in place a plan before you're a victim.
A written cyberbashing SWAT team guide should be established for the company as well, and be accessible by a secure online source to be available at all times and from all locations to the cyberattack team. It should include key and trusted journalists, the analysts, key shareholders, officers and directors of the company, and all-hours contact information. It should include the essential information about the company's brand names, domain names, and intellectual property, and names and after-hour contact information for the company's lawyers and off-shore managers. The more information kept updated, the better. Speed in being able to react is crucial.
Create relationships with trusted bloggers. Make sure you let them know when false information is being spread. Few know more about putting out cyberfires as the popular bloggers. But don't abuse their trust. An offended blogger can do far more damage these days than any other type of cyberbasher.
Blog names (on places like Google's Blogger), domain names (under all TLDs--top-level domains such as .com, .us, and .info), and permutations of those names that could cause confusion with your company's actual online presence or interfere with it should all be registered in advance, to prevent their being used as a base for further attacks.
Advance warning is key. While no one can cover all possible sources of attacks, keeping a close watch on the rhythm of the cyberdrums can be very fruitful. Public-relations professionals should be keeping an eye on any mention of the company online.
There are many services that offer to help you do this. Dow Jones has a service under its Factiva brand that allows companies to spot early chatter online. BayTSP helps spider the newsgroups, blogs, and Internet for references to the company or individuals, images as well as text. Google can be used to search newsgroups, images, Web sites, and many blogs; it can send you daily alerts about new mentions, and the service is free. Feedster allows you to search many blogs, and signing up for a feed from the most likely bloggers and sites can give you advance notice of an escalating problem as well. You should keep an eye on DomainSurfer.com and see if anyone is registering your brand names, company names, or permutations of those names. What about your own name? Check that, too. And when you check DomainSurfer, search for these at the beginning and the end of a domain name.
But sometimes, you're blindsided. Or sometimes the bashing campaign takes place via E-mail and doesn't show up in online searches. Then what do you do? You need to treat it exactly like a deadly epidemic is treated offline. As calmly as possible, try and identify the original source and what those buying into or spreading the misinformation have in common. Where's the link? Just as epidemic specialists seek a common restaurant or food source, or meeting ground for all victims of an epidemic, you need to be able to spot what cybersource these attackers have in common. Is it a Web site or posting? Is it a well-read blog? Perhaps an article leaked to someone in the electronic news media?
Just as you use these sources to keep an eye on traffic and advance warning of any attack, you turn to them again once you receive notice of an attack. Google may help you identify the common source. The traffic generated by a cyberbashing campaign drives the common sources to the top of Google and other search engines. And don't just stop with Google. Check all search engines and all-in-ones as well. And search image, newsgroup, and any other search options as well as textual Web search. If blogs are involved, watch the traffic of the most popular ones. Search Feedster.com. If you have a subscription with a special cyberwatch service, check with it. Just be aware that the attacks may have started with a password protected/hidden page you can't view. But even some of those are picked up by the search engines directly, or may be restated by another open site.
You may be able to optimize the searches for you or your company by buying keywords and search terms from the search engines, or using other methods of moving the good information about you or your company to the top of the search engines again. Or you may be able to enlist the help of bloggers or others online to help you shift the site rankings away from the attacks.
Check the monitoring logs of employees and the reports of those supervising those logs. Seek help from employees in identifying any leaks or malicious attacks. See if any of your board members, key shareholders, or analysts have received any unusual cybercommunications, such as E-mails, IMs, or links to bashing Web sites. The board and key shareholders (as well as any union leadership) should be informed of any early cyberbashing as quickly as possible, or given a policy on how these communications should be handled, well in advance. Make sure they have a contact person and know what to do if they're contacted or attacked as part of the campaign.
5 Top Federal Initiatives For 2015As InformationWeek Government readers were busy firming up their fiscal year 2015 budgets, we asked them to rate more than 30 IT initiatives in terms of importance and current leadership focus. No surprise, among more than 30 options, security is No. 1. After that, things get less predictable.
Join us for a roundup of the top stories on InformationWeek.com for the week of December 14, 2014. Be here for the show and for the incredible Friday Afternoon Conversation that runs beside the program.