Hacktivists: Cyber Freedom Fighters or Cybercriminals?
By Nadav Morag, Ph.D., University Dean of Security Studies
As the world becomes increasingly dependent on computers and computer networks, individuals and small groups have gained the opportunity to hack into government and corporate computer networks in order to disrupt the operation of those networks. Furthermore, the Internet has provided those individuals with a global audience for their ideas and the opportunity to recruit a large number of like-minded persons.
A “hacktivist” is an individual who uses computers and computer networks to disrupt operations and/or expose sensitive information for political or social reasons. Hacktivists are not cybercriminals (though many of the acts they engage in are criminal acts, sometimes serious ones such as leaking government secrets), because they are not motivated by financial gain but rather by the ideal of trying to achieve a political goal. By the same token, hacktivists are not terrorists, because they are not trying to kill and maim in order to achieve a political objective. To date, no cyber attacks have resulted in anyone’s direct death or injury, and consequently it is doubtful as to whether anything done via computer networks can be classified as terrorism, at least at this point in time.
Activists, protestors, revolutionaries and others pushing for a cause have, of course, been around since the dawn of civilization, but the current historical period is a unique one for them for three reasons. First, they now have unprecedented potential access to the inner workings of government and the corporate world through access to sensitive information and/or the ability to leak that information. Second, they have new opportunities to disrupt the workings of government and the private sector. And third, today they can spread their ideas and recruit people to the cause. Let us call these phenomena ADD (Access, Disruption and Dissemination) and look at them individually.
The United States government is still reeling from the copious amounts of highly classified materials being leaked by former National Security Agency (NSA) contractor Edward Snowden (currently in Moscow). As a system administrator at the NSA, he had access to extremely sensitive electronic eavesdropping programs and was apparently able to download significant amounts of information on various NSA electronic spying programs, some of which he has subsequently provided to the media. Some of the most sensational revelations have included reports that the NSA regularly listens in on the private conversations of world leaders of countries allied to the United States, including those of German Chancellor Angela Merkel. Another famous hacktivist leaker is Bradley Manning, an army private who was sentenced in August 2013 to 35 years in prison for having leaked to the website WikiLeaks the largest cache of classified documents in U.S. history. The leaked information included classified State Department cables and classified documents on the wars in Afghanistan and Iraq.
Other hacktivists have targeted companies and released confidential employee information, customer credit card numbers and other types of damaging information.
All in all, the access that hacktivists gain (from either inside or outside a government agency or company) allows them to significantly damage the workings of government agencies and corporations. That’s because many of those organizations’ activities necessarily rely on the trust of their partners, allies and/or consumers, and this trust can only exist if confidential information is effectively protected.
Hacktivists also regularly engage in trying to disrupt the activities of government or the private sector in order to make a point, punish or otherwise try to make an impact. In April 2007, hacktivists, possibly with the collusion of the Russian government, attacked websites of the Estonian government, major banks and media outlets in protest of the relocation of a statue that commemorated the actions of the Red Army in World War II. The attacks included DDoS (Distributed Denial of Service) attacks, in which websites are pinged continually with thousands of requests per second (usually by networks of hundreds or thousands of hijacked computers, known as botnets) until they collapse. The attacks lasted for weeks and succeeded in shutting down some key websites for a time leading to expensive and time-consuming countermeasures.
Hacktivists’ targets have been extremely varied and have included Israeli credit card companies, the U.S. Department of Defense, PayPal, the Church of Scientology, international law firms and trade groups. One of the most well-known hacktivist groups in Anonymous, whose members famously don Guy Fawkes masks at demonstrations. Its members have been implicated in a wide range of attacks including, more recently, those deemed to be in support of Arab Spring movements in the Middle East, organizations accused of homophobia, Sony, the Israeli government and the U.S. Senate.
In most cases, hacktivist attempts at disruption have been of limited utility, but they do force governments and industry to spend more time and money on their cyber defenses thus having a detrimental impact on economic activity.
The global nature of the Internet provides activists of various stripes with the ability to disseminate their ideas. Where once they would have handed out a few hundred fliers on street corners of a major city, they now have a worldwide audience to which to pitch their views. An activist who uses the Internet to disseminate ideas and recruit members can also be considered to be a type of hacktivist because, unlike traditional activist, revolutionary and protest organizations, hacktivist groups tend to be loose, without a clear leadership structure, and the link between various hacktivists is usually exclusively via the Internet with little likelihood of a given hacktivist ever physically meeting another hacktivist. Anonymous is a good example of this type of loose, Internet-based organization. It does not have any internal command structure, overarching strategy or common political program, and thus it is a completely fluid organization. Anonymous hacktivists decide on their own who they want to target in order to accomplish what they believe to be the movement’s goals.
Needless to say, this international dissemination of ideas means that more people will be exposed to radical narratives that could lead to disruptive and dangerous behavior, both in the cybersphere and in the “real world,” and it helps ensure a supply of disgruntled and/or impressionable recruits.
In summary, hacktivism is a phenomenon that is here to stay. And while it does not kill people (at least not yet), it does represent a costly challenge, both to government and to industry.
Nadav Morag, Ph.D., is University Dean of Security Studies at CTU. He works on projects for the Department of Homeland Security and the Department of Defense, and he is a published author on terrorism, security strategy and foreign policy. Connect with Dr. Morag on Twitter.
Image Credit: Flickr/Anonymous9000