One of the most common and useful tools in any crisis management strategy is the creation of a dark website. The practice is widespread and is one of the must-have policies in consumer sectors such as larger airlines, food/beverage companies, pharmaceuticals, financial enterprises and so on.
By definition, a dark website is a pre-made, non-visible website that can be activated online when a particular crisis occurs. It is common for most companies to have several, each customized according to certain vulnerabilities and corporate risks. They store news releases written in advance, pictures, official statements and other background information; the specific details are added only right before release.
The dark site can be placed on a separate domain, be a distinct section of the main website or totally replace the original. It could be saved on any of the corporate servers or be kept safely on a preferred external device.
How this is related to Black PR
Because of the significance of dark websites, they have also become targets of many malicious scenarios. Probably the scariest threat for companies is someone intentionally triggering the content of the site online, without the permission of management. The system administrators will soon repair the “mistake”, but the point here is totally different. The actual goal of the attackers is not to create a false appearance of crisis, but to make a destructive buzz and to lower the public trust towards the target. Even if instantly refuted by the corporate crisis team, the situation will still be strong enough to cause a massive confusion among the audience, especially when all of the Web 2.0 applications allow you to achieve that in a matter of minutes. And remember – the information on the Internet always remains cached, so the chances of someone going back to those issues are actually pretty high.
Imagine the following
One of the largest European airlines is about to complete a major acquisition deal with a smaller transport company. The upcoming merger is really hot news at that moment and gets all of the media attention in numerous financial editions. The share prices of the organizations are record high and most of the economic analysts predict a very bright future for the new agglomeration. Sounds good in theory, but in fact, all that success would lead to enormous financial loss to the rest of the market players, even if this issue is not related directly to them. So how would they fight back?
Instead of losing millions of dollars by letting this happen, most of the time the competition will use the most tested type of techniques – attack is the best form of defence. They would prefer to contract professional black-hats, who will take full responsibility for their actions.
Hacking the dark sites is one of the easiest and most logical steps that hackers would undertake, for two reasons: first, these are the most vulnerable assets of the target, giving information about all the unpleasant situations that the rival is afraid of, and second, the chaos they mean to cause could be achieved instantly. All the black-hats need to do is gain access to the internal corporate network, scan the saved HTML files and launch the domain, pretending that this comes from someone inside the company. There are various techniques that could be used and that is why I won’t get into many technical details, but one thing is for sure: most companies tend to ignore reputation risks for the sake of the financial ones, and that makes the whole process easier.
As mentioned above, the main purpose of cracking dark websites (big companies usually have several) is to lower the trust of the target’s stakeholders. In the airline case, the attackers could choose among various scenarios and pick one to suit their needs. Of course nobody will believe that an aircraft has crashed, for example, but the noise will be good enough to make the airline share prices plummet, especially when no one would like to invest in a company with bad security and data protection.
Bottom Line
Even if the black-hats are not aiming to deface the corporate website, getting access to the target’s risk management applications would help them realize what types of crises are most expected and how the organization is planning to deal with these issues. After that, this information could be used as part of a greater strategic plan, aiming to defame the targeted corporation.
The only way you can prevent a Black PR attack is through regular checks and broader education about its existence and common techniques.
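One form such regular checks can take, as an added example that is not part of the original article: scan web-server access logs for staged dark-site content served to an external client outside a management-approved activation window. The hostnames, paths, log format, internal address range and approval register are assumptions constructed for illustration, and the example covers the separate-domain and site-section placements only.

```python
import ipaddress
import re
from datetime import datetime, timezone

# Hypothetical inventory of staged dark sites (names, hosts and paths are assumptions).
DARK_SITES = [
    {"name": "separate-domain", "host": "incident.example.com", "prefix": "/"},
    {"name": "main-site-section", "host": "www.example.com", "prefix": "/statement/"},
]
# Assumed register of management-approved activation windows (UTC).
APPROVED = {"separate-domain": (datetime(2024, 3, 2, 9, 0, tzinfo=timezone.utc),
                                datetime(2024, 3, 9, 9, 0, tzinfo=timezone.utc))}
INTERNAL = [ipaddress.ip_network("10.0.0.0/8")]  # assumed staging/admin range
# Assumed log format: vhost client-ip [timestamp] "request line" status
LINE = re.compile(r'(?P<host>\S+) (?P<ip>\S+) \[(?P<ts>[^\]]+)\] '
                  r'"\S+ (?P<path>\S+) [^"]*" (?P<status>\d{3})')

# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE_LOG = [
    'incident.example.com 10.1.4.7 [01/Mar/2024:14:00:00 +0000] "GET /index.html HTTP/1.1" 200',
    'incident.example.com 203.0.113.9 [01/Mar/2024:22:15:31 +0000] "GET /index.html HTTP/1.1" 200',
    'incident.example.com 198.51.100.4 [03/Mar/2024:10:00:00 +0000] "GET /index.html HTTP/1.1" 200',
    'www.example.com 203.0.113.9 [01/Mar/2024:22:16:02 +0000] "GET /statement/release.html HTTP/1.1" 200',
    'www.example.com 203.0.113.9 [01/Mar/2024:22:16:05 +0000] "GET /statement/photo.jpg HTTP/1.1" 404',
    'www.example.com 198.51.100.4 [01/Mar/2024:22:17:00 +0000] "GET /about.html HTTP/1.1" 200',
]

def unapproved_exposures(lines):
    """Return (site, ip, path, time) for dark-site content served externally without approval."""
    findings = []
    for line in lines:
        m = LINE.match(line)
        if not m or not m["status"].startswith("2"):
            continue  # malformed line, or nothing was actually served
        try:
            ip = ipaddress.ip_address(m["ip"])
        except ValueError:
            continue  # client field is not an IP address
        if any(ip in net for net in INTERNAL):
            continue  # previews from the staging range are expected
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        for site in DARK_SITES:
            if m["host"].lower() == site["host"] and m["path"].startswith(site["prefix"]):
                window = APPROVED.get(site["name"])
                if not (window and window[0] <= ts <= window[1]):
                    findings.append((site["name"], m["ip"], m["path"], ts.isoformat()))
    return findings
```

A dark site that replaces the main site outright shares its hostname and paths with normal traffic, so that placement needs a content or deployment-change check rather than this log rule.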
Remember – Black PR is not fiction, it’s real and out there,
“All the black-hats need to do is gain access to the internal corporate network, scan the saved HTML files and launch the domain, pretending that this comes from someone inside the company.”
You’re kidding right? Reach further into the pit of “never going to happen” please. It’s easier to just DoS the site off the net, providing the exact same effect (which will make less than 0% difference to any company’s stock prices, just FYI), except that, guess what – consumers aren’t “confused” when a site goes down, they just shrug it off and move to another source of information. If the break is prolonged, and the target is a large, frequently used site, then the reaction is a little different, but good luck “accessing the internal network and running domains” of Google or Wikipedia. L o l.