Worse, they may have friends on the inside, says Jason Mical, director of network forensics for AccessData, a digital investigations and litigation support firm.
"They are organized," he says. "They engage in information sharing. They are capable of large-scale collaboration, because they've established clear lines of communication. And honestly, any employee at any company or government agency could be a friend of a hacktivist or even a member of a hacktivist group."
Your best defense: You'll need more than torches and pitchforks -- or antimalware and intrusion prevention systems -- to fight off Frankenhackers, says Mical.
"The truth is you can't stop them," says Mical. "Unfortunately, today's exploits are constantly evolving, so signature-based threat detection won't work. You need an integrated technology that allows you to forensically monitor your computers and network communications for suspect behavior. You want the ability to see what's happening across the network and with your traveling employees, so when cyber security practitioners see something unusual they can say, 'Something's not right here.'"
But early detection alone isn't enough, says Rob Kraus, director of the engineering research team at Solutionary, a managed security service provider. You need to respond quickly and thoroughly, then analyze the attack and your response afterward so that you'll do better next time. Having a close relationship with your ISP helps, says Kraus, because they can help isolate the attackers and get your business back online.
"Organizations are usually unprepared to defend themselves against threats, mostly because they never believe it will happen to them," he says. "But now they're starting to believe it."
If your company handles sensitive data -- virtually all organizations do, these days -- you need to encrypt it to keep it safe from the aforementioned zombies, ghosts, and Frankenhackers. That means every enterprise needs a Crypto Keeper: someone to manage the encryption keys and the policies around them. If that Crypto Keeper goes rogue, though, you're in for a real horror show.
If the Crypto Keeper withholds, corrupts, or loses the keys, the data your company runs on could become inaccessible, says Rami Shalom, vice president of data encryption and control for SafeNet, a cloud-based data protection company.
"This is a real concern for enterprises," says Shalom. "You have to make sure when you use crypto that you don't increase the risk of losing data -- not to someone else, but permanently. When your keys are eliminated, that could put you into deeper trouble than if someone else got their hands on your sensitive data."
Your best defense: Don't leave your organization's encryption keys in the boney hands of an animated corpse or trust them to a single admin who could go rogue, says Shalom. Separation of duties and giving different people responsibility for different parts of the process can protect you.
"In the early days, IT admins were like gods who could access any data they wanted at any time," he says. "Now you need to make sure you don't have a single user with that kind of power. Organizations need to find ways to have multiple copies of the same key and to replicate the key management system in more than one location. That way, even if one person decides to do damage the data can still be retrieved."