We know about white hats and black hats, which are differentiated mostly by their motivations and ethical codes, but today we will dig deeper into another type of hacker—and no, we’re not talking about grey hats (that’s a topic for another time). We’re talking about modern-day activists, not the ones who stand on the streets holding signs protesting the current political climate, but the ones who employ their technical knowledge, combined with a strong sense of justice, to convey their often politically motivated messages by performing hacks. We are, of course, talking about hacktivists.
The topic of “hacktivism” always sparks debate, not only on the legality and severity of their crimes but also on their ethical codes; whether they’re freedom fighters or merely cyber criminals hiding behind the activist’s veil. So before we form our individual opinions and decide whether hacktivists are our friends or enemies, it’s important to understand the term, learn how it all began and familiarize ourselves with the individuals and groups operating in this manner.
So let’s learn about all things ‘hacktivist’.
So, what is hacktivism?
As technology has progressed over the years, so has the very real threat and sophistication of cyber attacks. And hackers have progressed right along with it. For better or worse, as we’ve stated in a previous blog post on “How web software gets hacked” — “the Internet has no future without hacking”. Hackers serve a purpose in challenging the frameworks, foundations and security posture of all systems, software, applications and more.
Hacking has always been around, and coupled with the development of political awareness and a growing sense of social justice, it has drawn hackers to shifting their focus toward attacks that have an underlying, often ideological incentive.
Hacktivism is derived from the words “hack” and “activism”. It’s prescribed to individuals or groups who perform hacking of computers and networks with the goal of causing societal and/or political change and furthering their activism.
If we refer to the Merriam-Webster dictionary, hacktivism is defined as: “computer hacking (as by infiltration and disruption of a network or website) done to further the goals of political or social activism”.
And what are those goals? Hacktivists have been known to protest against censorship, anti-piracy sites and companies, and in favor of freedom of information.
Debating hacktivism are two opposing sides who bring up the question of morality. Are hacktivists heroes, Internet vigilantes or merely cybercriminals who use their activism as a cover for criminal activities? It depends on who you ask.
The concept of Internet vigilantes—superhero-types who strike back against corrupt governments, corporations, terrorists and all those causing injustice—has always inspired praise from certain people. People taking justice in their own hands, and acting in place of the society. What were once activists, standing on the streets, chanting, holding signs and fighting for the good of people, are now the geeky types who have their fights in the digital realm.
But not everyone sees hacktivists as superheroes, fighting for the greater good.
Because of hacktivism’s inherent anonymity, this subculture of hacking and its lack of accountability often raises questions about the ethics behind their actions. In addition, many corporations and organizations are, naturally, actively opposed to hacktivism and highlight their conviction that, no matter the cause, cyberattacks are illegal.
To better understand these conflicting views and the true origins of hacktivism, let’s dive deeper into its history.
Stay in the loop with the best infosec news, tips and tools
Follow us on Twitter to receive updates!Follow @SecurityTrails
Brief history of hacktivism
The roots of hacktivism are directly tied to the introduction of the term “hacking”. The word’s usage is noted as beginning in the 1960s at MIT’s artificial intelligence labs, and referring to a specialized group of individuals working and programming in FORTRAN.
The term “hacktivism” is attributed to the “Omega”, a member of the hacking group Cult of the Dead Cow (cDc), who used it in an email to the group in 1996. The cDc itself was founded in 1984 in Texas. Since coining the term, the hacking group’s intentions have been strictly political, instated as such with the creation of Hacktivismo in 1999, an independent group under the cDc entirely dedicated to the creation of anti-censorship technology.
In 2001, Hacktivismo created a “Hacktivismo Declaration” which aims to further the idea of freedom of opinion and expression. The Declaration also highlights hacker efforts to challenge government Internet censorship and upholds access to information as a basic human right.
2003 saw the development of the now-infamous 4chan, a bulletin board system forum which served as the birthplace of the hacking group Anonymous, a decentralized, global community.
For most people, when they hear the word “hacktivism”, Anonymous is the first thing that comes to mind. In 2008, the group gained widespread fame with their initiative “Project Chanology,” a series of not only hacking attacks but also physical protests against the Church of Scientology. Other targets of Anonymous and their efforts are the U.S., Israel, Uganda, Tunisia, ISIS, child pornography sites, copyright protection agencies, the Westboro Baptist Church, and even PayPal, Visa, MasterCard and Sony.
While the group has always been hidden behind a veil of anonymity, 25 suspected Anonymous members were arrested by Interpol in 2012. This international doubling-down on hacktivists reduced politically-motivated Internet activities around the world. In recent years, Anonymous’s presence, and the media frenzy that has followed them since 2008, has diminished.
WikiLeaks, another prominent hacktivist organization, was founded in 2006 by Julian Assange. Known for publishing news leaks and other media provided by anonymous sources, WikiLeaks is often called a whistle-blowing website, having been involved in many prominent document leaks.
Most recently, the organization made an impact during the 2016 United States presidential election campaign, which saw the release of emails and documents that caused harm to the Clinton campaign. This attack has even been attributed as a factor in her loss.
WikiLeaks has worked closely with Anonymous throughout the years, including its efforts collectively known as Operation Avenge Assange, a series of DDoS attacks launched after MasterCard and Visa blocked payments to WikiLeaks. However, when WikiLeaks put many of their documents behind a paywall in late 2012, Anonymous rebuked their close relationship on Twitter and officially ended the unique partnership.
Other notable hacktivists groups and operations abound. For a detailed timeline of campaigns and their history, we highly recommend you check out Preceden’s History of Hacktivism.
Current state of hacktivism
Judging by the media headlines of recent years, hacktivism appears to have seen its heyday come and go. But on closer inspection, that might not really be the case—significant operations and attacks by different groups, including Anonymous, still make their appearance.
After the arrest and eviction of Assange from Ecuador’s London embassy, Anonymous made threats to both Ecuador and the UK, with over 40 million cyber attacks launched against government institutions.
And even if you don’t hear a lot about Anonymous anymore, many smaller organizations have taken the reins on more than a few occasions. Unrest in Sudan in June 2019 led to a group of Sudanese protests targeting their government’s actions against free speech and internet access. The protesters launched #OpSudan, an onslaught of numerous acts of hacktivism and DDoS attacks on different organizations. Surprisingly, not all of them were government-owned.
In the UK, hacktivist group Lizard Squad launched two DDoS attacks on the UK’s Labour party during the country’s election. Although they weren’t able to put the party’s servers online, the group has promised more attacks from their international botnet.
As we can see, despite the media’s lack of news regarding hacktivist operations, they don’t seem to be stopping. And with the current political state of many countries, we can’t foresee an end to these aggressive campaigns, or their prominent place in the threat landscape.
Often used techniques for hacktivism
The attack vectors used by hacktivists have more or less remained the same throughout the years. With attack vectors often focused on that which goes against their stance on freedom of thought and expression, DDoS attacks have remained the “go-to” method for hacktivists. Other vectors include cross-site scripting, spear phishing, social engineering, spyware and brute-forcing, among others.
In their fight against Internet censorship, hacktivists have often employed a technique called website mirroring, in which the content of a censored website is copied and published on other, uncensored domains.
Another technique used to discuss and publish content related to human rights issues and anti-government opinions is blogging—but anonymously, to protect the identity of its authors.
Along with their controversial DDoS attacks, hacktivists employ another questionable technique: doxxing. Doxxing is a practise in which an individual’s private information is hacked into and shared to the public, opening said individuals to harassment. While hacktivists claim this is a form of “freedom of information” and transparency, it’s clear to see why many consider this technique highly dangerous and potentially harmful.
In general, the targets of hacktivists’ operations are often government websites and international organizations. They often act in support of regional causes, and their true targets are, naturally, organizations on the opposing side. But in a break from launching strictly politically-motivated hacks, hacktivist groups are also known to launch operations aimed at illegal and socially condemned activities. One such effort is Operation DarkNet, Anonymous’s hack into child pornography websites that published the names of their users. Another, less extreme example of this activity was the Ashley Madison hack, in which the group Impact Team stole the personal information of an extramarital dating site’s many users.
While many may think of hacktivists as unsung modern heroes and freedom fighters against corruption and freedom of speech, the truth is that there is no accountability for these anonymous actors. At the end of the day, it’s hard to put them into any category, from heroes to terrorists or anything in between.
Putting the law in the hands of those we can’t see, whose true motivations are unknown, is a dangerous guessing game. It’s up to each one of us to get the right information and form our own best judgment.
One thing is certain: as long as there are hackers, there will also be hacktivists.