Domestic violent extremists (DVEs) in the United States are increasingly doxing senior leaders from the public and private sectors publishing their personally identifiable information (PII) with malicious intent and without the leaders consent. Historically, DVE doxing attempts usually targeted other DVEs and political opponents, but recent trends show a broadening scope of targets, including government officials, executives, and heads of various institutions. These doxes often follow the leaders or their companies involvement in contentious issues, such as stances on geopolitical conflicts, diversity policies, and political alignments.
Diamond model analysis of Dox #1 (Source: Recorded Future)
Escalating Threats: The Rise of DVE Doxing and Strategies for Defense
Insikt Group evaluated three case studies of DVE doxing attempts, examining the DVE threat actors, their targets, their sources and methods for conducting the dox, and their means of publishing the dox. Research found that those who are doxed by DVEs are at a heightened risk of physical threats, such as harassment, stalking, protests, surveillance, and even physical attacks, as well as cyber threats. Victims and their organizations face not only physical risks but also significant financial and reputational damage from the negative sentiment campaigns that typically accompany doxing incidents. A notable uptick in doxing, especially against corporate leaders, was reported in 2023, with a SafeHome survey indicating that eleven million Americans have been doxed.
Several factors are expected to spur DVE doxing efforts, including geopolitical events like the Israel-Hamas conflict, the 2024 US presidential election, and private sector engagement with social justice issues. As businesses and government entities navigate these sensitive areas, their leaders may increasingly find themselves in the crosshairs of DVE doxing campaigns, particularly as they make public statements or policy decisions on controversial issues among DVEs.
To combat the threat of doxing, leaders are advised to enhance their cyber hygiene, utilize threat monitoring services like the Recorded Future Intelligence Cloud, and take proactive measures to minimize their digital footprint. This includes removing PII from accessible online platforms, conducting regular audits of their digital presence, and preparing for potential doxing incidents. Following a doxing event, it's crucial to document the incident, assess the risks based on the exposed information, attempt to mitigate the source of the leak and engage with law enforcement if necessary.
To read the entire analysis, click here to download the report as a PDF.
Article Link: Violent Extremists Dox Executives, Enabling Physical Threats | Recorded Future