Most hack attacks simply seek attention, security expert says
While Smith admits that cyber attacks are often designed to punish a particular organization that is targeted by hactivists, he adds that the aim is to also generate press for their cause.
"What we have seen with hactivists is that attacking a website tends to be more about generating media coverage about their cause than it is about which site they targeted or what the impact was," he said.
In the case of the New York Times, DNS records were altered by The Syrian Electronic Army, but Smith warns that distributed denial of service (DDOS) attacks, defacement and other popular forms of hacktivism are not going away, either.
"The key thing to remember is that individual vulnerabilities may be different, but the attacker won't always pick the easiest or least risky way to achieve their goals," he said. "In the case of wanting to punish a certain content provider or site, there are many different ways to do that."
Power of advertising
Smith said that risk for the attacker can also come into the hacking equation, as well as how that site is defended.
"That's why you have things such as SEA compromising domain registrars, third party content, and advertising services," he said.
The latter is highlighted by Smith as being particularly potent.
"When you compromise the advertising services, then any site that includes that content from the advertising service shows up on a site," he said.
Thus, if a third party provider is breached, then the hactivists can display the malicious content on the target site.