What is Hacktivism?

And why it can be a real threat to your business!
Sarah Morrison
July 28, 2023

What is hacktivism?

Hacktivism, as you probably already guessed, is a play on the words hacking and activism. Hacktivists engage in activities such as webpage defacement, doxing (exposing personal information or corporate data online), distributed denial of service (DDoS) attacks or other computer-based techniques to promote a political agenda, to call for social change or as a form of civil disobedience.

For those who have been around long enough, names like Cult of the Dead Cow, Anonymous and DkD probably ring a bell.

You guessed it, hacktivism is not new.

One of the first cases of hacktivism I recall occurred in 1989 with a malware worm infiltrating NASA and the U.S. Energy Department. If I am to be honest, I easily remember the name of the group: W.A.N.K – Worms Against Nuclear Kills, as my adolescent mind at the time found this very amusing. Rumours suggest that infected computers’ login screens were altered with the words ‘worms against nuclear killers’. An interesting bit of trivia for you: it is believed Australian hacktivists wrote the worms.

In 1994, an activist group known as Zippies DDoSed U.S. government websites, overloading servers and causing them to shut down for weeks in protest against the Criminal Justice and Order Act 1994.

The peak of hacktivism

If anyone were asked to pinpoint the peak of hacktivism, it would need to coincide with the emergence of Anonymous. In 2003, 4chan, an online message board, attracted a lot of users who would exchange hacking and coding tips. The users usually signed on as Anonymous, which is where the name Anonymous is thought to have begun.

There were many hacktivism activities between 2003 and 2013, for example, Anonymous’ DDoS attack against Scientology in 2008 and LulzSec’s attack on Sony in 2011. Then in 2013, Anonymous took to the streets in the Million Mask March. The motives for the marches appeared to vary, but some consistent themes were identified, such as political corruption, demilitarisation, self-governance, and police violence. Protestors rallied in 477 cities globally. Between 2015 and 2018, Anonymous was responsible for 45% of all hacktivist activities.

The rate of hacktivism activities began to drop in 2016. This does not consider the 2016 WikiLeaks dump of Hillary Clinton’s emails, which is thought to have affected the 2016 U.S. Presidential Election. However, in 2020, with the death of George Floyd in Minneapolis, Anonymous returned from the shadows, as reported in newspapers, with a promise to expose police crime in support of the Black Lives Matter movement. In the attacks, hacktivists took down the Minneapolis police department’s website through DDoS attacks and released a list of credentials associated with the police department and employees.

I know by now you are probably thinking, why should I care about hacktivists? They do not seem very active, or are they? As recently as June 2023, a new hacktivist group known as SiegedSec has been causing havoc in the U.S., with the city of Fort Worth announcing a security breach of roughly 500k files in response to the state banning gender-affirming care. Around the same time, the same group took responsibility for attacks against pro-life states in the U.S. The hack included ~8 GB of documents, including the personal identifying information of state employees.

The blurring of Hacktivism and government-sponsored attacks

In 2007, Estonia saw distributed denial of service attacks and defacement of government sites. The attack occurred in response to a dispute between Estonia and Russia over the Bronze Soldier of Tallinn, a Soviet-era grave marker that Estonia had decided to relocate from a busy intersection in Estonia to a military cemetery. The attacks lasted 22 days and were considered a threat to national security because Estonia was highly networked.

The attacks were unparalleled, with nothing of this magnitude being seen before. It soon became evident that the attacks were stemming from Russia. Russian-language sites were also discovered, providing instructions on contributing to the distraction through guided step-by-step tutorials on denial of service and distributed denial of service attacks.

Although an ethnic-Russian Estonian national was charged and convicted for the attack, the Estonian government blamed the Kremlin.

In recent years, we have seen a re-emergence of hacktivism on a large scale with Russia’s invasion of Ukraine, with hacktivist groups appearing on both sides of the conflict. Included in the mix was a resurgence of Anonymous, plus other groups such as I.T. Army on the Ukraine side of the conflict, and Killnet and From Russia with Love on the other side. Even hacktivist groups in Iran and Israel have emerged, launching very destructive attacks.

How is hacktivism relevant to me?

While the attacks over recent years have been towards specific targets, as described in the above examples, it would not take much for an organisation to be caught in the crossfire, whether by accident or through an outspoken employee voicing support for the wrong side of a conflict.

Hacktivism has seen a rise, fall and rise again since its beginning. The focus currently appears to be on U.S. political states, which are rewinding on human rights, and the Ukraine conflict. However, as the high-level list of hacktivist activities below demonstrates (note this is not a complete list), an array of topics have sparked fury in hacktivists. What does this all mean? Well, I do not believe we should silence ourselves online. But, if we are going to dabble in areas that are political, religious or spark some type of emotional response in people, we need to be prepared for the possible onslaught from hacktivism and ensure I.T. operations and security controls are in place, in case of retaliation.

Timeline of hacktivism events

1998: Cult of the Dead Cow (cDc) creates and releases the Back Orifice software, a tool purposed for exposing Windows security vulnerabilities.

1998: The Electronic Disturbance Theater launches FloodNet, a distributed denial-of-service (DDoS) attack tool, targeting Mexican government sites supporting the Zapatista Army of National Liberation.

2007: The “Estonia cyberattacks” occur, triggered by political tensions between Russia and Estonia, causing widespread disruption.

2008: Anonymous launches Project Chanology, a protest movement against the practices of the Church of Scientology.

2010: Operation Payback is initiated by Anonymous as retaliation against anti-piracy groups.

2011: Anonymous and LulzSec launch multiple operations. Notable attacks include those against HBGary Federal, Sony, and various government websites.

2011: Operation India is launched by Anonymous in response to internet censorship by the Indian government.

2012: Operation Last Resort, an Anonymous-led initiative, targets U.S. government websites following the death of internet activist Aaron Swartz.

2012: UGNazi group initiates attacks on U.S. government and corporate websites, including the site for the Central Intelligence Agency (C.I.A.).

2013: Operation Safe Winter, organised by Anonymous, uses online resources to coordinate physical aid for the homeless.

2014: Operation Ferguson brings attention to the shooting of Michael Brown in Ferguson, Missouri, through digital protests.

2015: CyberBerkut, a Ukrainian group, exposes documents from the Ukrainian government, influencing local and international politics.

2016: Ghost Security Group, an offshoot of Anonymous, targets ISIS’s online presence, taking down propaganda sites and identifying potential threats.

2016: WikiLeaks publishes emails hacked from Hillary Clinton’s presidential campaign party, obtained via Russian hackers.

2017: The hacker group “Crackas With Attitude” targets high-level U.S. government officials’ email accounts.

2019: Anonymous targets the government of Zimbabwe in support of protests against the economic crisis in the country.

2020: Anonymous voices support for the Black Lives Matter movement, launching cyberattacks against U.S. police departments and sharing documents online.

2022: The hacker collective “NB65” breaches multiple Myanmar government websites to show solidarity with the civil disobedience movement.

Sarah Morrison

Sarah is the Co-CEO of Morrisec. With over 20 years in cybersecurity and a PhD in Russian information operations, Sarah has a deep understanding of threat actors and their tactics and motivations, making her highly equipped to assist organisations in their defence against them.
